Operation Aurora targets Internet Explorer Vulnerability

According to BitDefender a major vulnerability of the Internet Explorer and Adobe PDF Reader are responsible for some major hacker attacks on Google, Adobe and 20 other technology companies. Microsoft is now investigating the case and will hopefully soon release a hotfix that will be posted here as soon as it is available. It is recommended to use a different browser in the meantime (e.g. Opera).

Operation Aurora Targets Internet Explorer Vulnerability

The Internet Explorer versions 6-8 are affected by the vulnerability. An invalid pointer reference” allows hackers to execute any code from a remote machine when you access a website that is exploiting the vulnerability. The hacker can then gain the same permissions that you currently have, therefore it is highly recommended that you do NOT run Windows 7 in administrator mode. (the Windows 7 administrator account was hidden for a reason!)

Warning: Don’t disable UAC and run IE6-8

Update from Ed Bott via Twitter:

Administrator accounts in Windows 7 run as standard users unless specifically elevated.
With UAC turned on, IE automatically runs in Protected Mode, not as administrator.

I know many of you disable the UAC, so be advised that this could be potentially dangerous:

User Account Control (UAC) is disabled – If UAC is disabled, Protected Mode is turned OFF. When UAC is disabled, some of the protections which Protected Mode depends on are not available, for example, UI Privilege Isolation (UIPI) is disabled. Hence, Protected Mode is turned off in this scenario.

Source: MSDN

Also note, Protected Mode is turned off whenever you run Internet Explorer as administrator (right-click – run as administrator).

Governments around the world warn to use the Internet Explorer until a fix has been released. This new generation of viruses and trojans can possibly modify your system files without your knowledge and will infect other machines if you are not able to remove it.
Many of the “next-gen” viruses are very smart, you won’t be able to remove them with common Anti-Viruses, because it will auto-detect them and prevent any access at all! Anti-Hijacking tools will be your last resort if you have been infected (e.g. HijackThis or special tools from “Panda Security”).

Published: Friday, January 15th, 2010 Last Modified: January 16, 2010

Related Posts

Rate This Article