June 18th, 2011, 18:49 PM
Microsoft IE8 flaw exploited in the wild
Security experts are warning that a recently patched critical flaw in Microsoft's Internet Explorer browser is already being exploited in the wild
Symantec senior researcher Joji Hamada explained in a blog post that the so-called Internet Explorer time element uninitialised memory remote code execution vulnerability is being exploited in specific targeted attacks.
"We have been able to confirm the existence of one such attack that involves a compromised web site hosting content for a neighborhood restaurant," he added.
"It appears that a duplicate of the top page of the website was either hacked to include a hidden iframe tag linking to an exploit page or was prepared from scratch, which, if run successfully, the included shell code downloads an encrypted malicious file from the same site."
Full story: V3.co.uk