News

Security companies warn of increase in new IE attack

Criminals are increasing their use of an unpatched flaw in Microsoft's Internet Explorer browser to install fake antivirus products and malicious back doors on victim's computers.

It appears that two separate cybergangs have begun using the exploit -- the first uses it to install fake antivirus software on victim's computers; the second group is installing a variant of the Sinowal Trojan.

Most of the attacks are being hosted on websites that appear to be specifically set up to host the attack code, rather than hacked sites. Internet Explorer versions 6 and 7 are vulnerable to the attack. For it to work, however, the victim has to first visit a Web site hosting the malicious code.