IE7 zero day attack: hacked sites infect PCs

Microsoft is investigating a zero-day attack affecting Internet Explorer 7.0, which could enable a hacker to take over infected PCs.

Microsoft is investigating a zero-day attack affecting Internet Explorer 7.0, which could enable a hacker to take over infected PCs.

Microsoft said, "At this time, we are aware only of limited attacks that attempt to use this vulnerability. Our investigation of these attacks so far has verified that they are not successful against customers who have applied workarounds."

The website Shadowserver has published a list of sites users should not visit. The Shadowserver website warned, "Visiting a website with this exploit can result in a full compromise of an affected system. Currently most of the exploits out there will attempt to download a Trojan onto the system."

Embarrassingly for Microsoft, the flaw was not covered by the company's latest Patch Tuesday update, issued two days ago.

Read more on Hackers and cybercrime prevention

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close