Computer Business Review

Microsoft admits IE flaw caused Google hack

by Steve Evans| 15 January 2010

Attacks against corporate networks on the rise, says Redmond

Microsoft has admitted that a flaw in its Internet Explorer web browser enabled hackers to gain access to Google’s system, an event that resulted in Google threatening to pull its operations in China.

In a post on its Microsoft Security Response Center, director Mike Reavey said that a bug within Internet Explorer could allow hackers to remotely run programs on infected machines.

“Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks,” Reavey wrote.

“Microsoft has not seen widespread customer impact, rather only targeted and limited attacks exploiting IE 6 at this time,” Reavey said. “Our teams are currently working to develop an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution. That may include releasing the update out of band.”

Reavey added that all companies should be more aware of potential security issues and make sure that their security software is up-to-date. “It is important to note that complex attacks targeting specific corporate networks are becoming more prevalent in the threat landscape, therefore organisations should follow defence-in-depth best practices, and deploy multiple layers of protection to improve their security posture,” he said.

Following the attacks, which targeted human rights activists and were believed to have originated in China, Google said that is was no longer willing to censor its search results in the country. The claim is likely to mean that Google’s entire Chinese operation will shut, as the Chinese government is very strict about what information its citizens can access online.

 

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

755 people like this.
0 people follow this.

Intelligence

Suppliers Directory


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.