Computer Business Review

Microsoft admits IE flaw caused Google hack

by Steve Evans| 15 January 2010

Attacks against corporate networks on the rise, says Redmond

Microsoft has admitted that a flaw in its Internet Explorer web browser enabled hackers to gain access to Google’s system, an event that resulted in Google threatening to pull its operations in China.

In a post on its Microsoft Security Response Center, director Mike Reavey said that a bug within Internet Explorer could allow hackers to remotely run programs on infected machines.

“Based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks,” Reavey wrote.

“Microsoft has not seen widespread customer impact, rather only targeted and limited attacks exploiting IE 6 at this time,” Reavey said. “Our teams are currently working to develop an update and we will take appropriate action to protect customers when the update has met the quality bar for broad distribution. That may include releasing the update out of band.”

Reavey added that all companies should be more aware of potential security issues and make sure that their security software is up-to-date. “It is important to note that complex attacks targeting specific corporate networks are becoming more prevalent in the threat landscape, therefore organisations should follow defence-in-depth best practices, and deploy multiple layers of protection to improve their security posture,” he said.

Following the attacks, which targeted human rights activists and were believed to have originated in China, Google said that is was no longer willing to censor its search results in the country. The claim is likely to mean that Google’s entire Chinese operation will shut, as the Chinese government is very strict about what information its citizens can access online.

 

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.

Join our network

738 people like this.
0 people follow this.

Intelligence

Suppliers Directory

  • Rackspace

    As the world’s leader and specialist in hosting, Rackspace Hosting is changing the way businesses worldwide buy IT. Rackspace delivers...

  • M86 Security - Web and E-mail Security Products

    M86 Security is a global provider of web and e-mail security products. We are the only security company able to provide integrated, reliable and...

  • Alfresco - Open Platform for Document Management and Collaboration

    Alfresco is an open platform for business-critical document management and collaboration. Alfresco can automate document-intensive business...

  • Mimecast

    Mimecast is a rapidly expanding Software as a Service (SAAS) company. We provide an online technology platform that radically improves the way...


See more
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.