Skip to main content

How one gaping IE exploit is putting your business at risk

ITProPortal spoke to Simon Edwards, senior security consultant at Damballa, about a new scourge of Internet Explorer (IE) hacks that are threatening to leave business and Internet users open to cyber attack.

What are these IE exploits?

Microsoft has all along made IE heavily coupled with the operating system (OS) and there are a number of advantages that they can produce and that kind of stuff. But Hackers use that tight coupling to read deeper into the system.

When an exploit comes into a browser, if that browser is IE, the browser has a number of processes that read back into the filesystem, and that's the vulnerability.

The flaw allows the exploit kit to say "find me all the versions of security software that are running, find me where Dropbox is" and so on to give a much more detailed map of what's on the machine, whereas other browsers don't offer that level of functionality and are more secure as a result.

What's the nature of the IE exploit and how is it being used by criminals?

The story that came out last week about using IE to get further into systems and get more information is nothing new, but malware uses that structure to penetrate further. If you look at the lifecycle of a malware attack most people focus on the initial compromise, when in fact that's a very small part of the lifecycle.

The first thing malware does when it infects a machine is have a look around and says "where am I," and the more information the program can get in terms of where it is and what it's connected to makes it that much more powerful to the hacker who's running the code.

What's Microsoft doing to address these problems?

Hopefully patching them. I haven't had any contact with them but they're in a continual lifecycle of making IE tougher and more secure. I know they made a statement this week stating the IE 11 was much stronger in this area.

But obviously users need to be updating and making sure they have the latest version.