For the second time in a short time a critical, just patched vulnerability in Internet Explorer is actively attacked by cyber criminals. Last week Microsoft also released an emergency patch for a zero-day vulnerability in Internet Explorer that was already attacked before a patch was available. The currently exploited vulnerability in Internet Explorer was patched on the 11th of August.
By visiting a hacked or malicious website users with a vulnerable Internet Explorer can become infected with malware. Also malicious advertisements can inject their payload to the user’s system. The exploit that abuses the Internet Explorer leak has now also been added to the Sundown exploitkit, according to antivirus company Symantec.
Hackers abuse the leak by adding code to websites that redirects users to the exploitkit which in its turn installs a Trojan horse. The Trojan then provides the cyber criminals access to the computer and allows them to steal all kinds of data. The currently discovered attack, that abuses the Internet Explorer vulnerability, mainly targets Japanese users.
Earlier this month there was another Internet Explorer vulnerability that was actively attacked by cybercriminals. The affected leak was already patched by Microsoft in July but 3 weeks later an exploit targeting the leak was added to the Angler exploit kit and used to infect IE users with ransomware.