Internet Explorer (IE) attack code used to hack Google goes public

Internet Explorer attack code, that was used in last month's attack on Google's and other corporate networks is now public. “The code was submitted for analysis on the Wepawet malware analysis Web site, making it publicly available. Shortly after, it had been included in at least one publicly available hacking tool and could be seen […]

Internet Explorer attack code, that was used in last month's attack on Google's and other corporate networks is now public. “The code was submitted for analysis on the Wepawet malware analysis Web site, making it publicly available. Shortly after, it had been included in at least one publicly available hacking tool and could be seen in online attacks,” according to Dave Marcus of McAfee. The attack is very reliable on Internet Explorer 6 running on Windows XP, and it could possibly be modified to work on more recent versions of the browser, Marcus said. "The game really changes now that it's hosted publicly," he said. “A hacker could use the code to run unauthorized software on a victim's computer by tricking them into viewing a maliciously crafted Web page. The same exploit was allegedly used to attack Google and 33 other companies in Dec last year and gain access to internal data and systems. According to Symantec and Juniper Networks who performed an independant investigation, Yahoo was also attacked using the flaw,” writes IT World.