‘State-sponsored attackers’ using IE zero-day to hijack GMail accounts
Microsoft and Google have separately warned about a new Internet Explorer zero-day being exploited to break into GMail accounts.
The browser flaw, which is currently unpatched, expose Windows users to remote code execution attacks with little or no user action (drive-by downloads if an IE users simply surfs to a rigged site).
Microsoft’s advisory speaks of “active attacks” and follows a separate note from Google that references the IE flaw “being actively exploited in the wild for targeted attacks.” (Read More)
This entry was posted in IT Compliance
. Bookmark the permalink