In a candid admission, Microsoft Corp has said that the security vulnerabilities in its browser were indeed exploited by the cybercriminals to hack the networks of Adobe Inc., Google, and several other companies.
Earlier, the internet security vendor McAfee had exposed the fact that the hackers used the security flaws in Microsoft’s Internet Explorer (IE) to infiltrate Google networks.
Responding to the situation, the software giant has released a security advisory on Thursday, warning users of a critical and unpatched security hole in IE that could allow hackers to steal their login credentials for crucial online accounts.
Incidentally, IE is vulnerable to this kind of attack on almost all latest Microsoft operating systems, including the recently released Windows 7.
Mike Reavey, director of Microsoft’s Security Response Centre (MSRC), wrote in a blog post: “We have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks.”
In addition, Google has released details about the attacks on Tuesday, in which it claimed that the attacks weren’t only targeted at the US companies. Some of the notable companies that were attacked include Adobe Systems, Juniper Networks, Yahoo, Dow Chemical, Symantec, and Northrop Grumman.
That's bad, really bad. This shows that the attackers had enough manpower for them to look into Internet Explorer code and found out flaws that will allow them to have access to login details, vulnerabilities that have only been found now. This means that in theory, no browser is safe.