Friday, March 11, 2011

Google: Unpatched MHTML Vulnerability in IE Under Active Exploitation in Targeted Attacks

We’ve noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target. We’ve also seen attacks against users of another popular social site. All these attacks abuse a publicly-disclosed MHTML vulnerability for which an exploit was publicly posted in January 2011. Users browsing with the Internet Explorer browser are affected.

For now, we recommend concerned users and corporations seriously consider deploying Microsoft’s temporary Fixit to block this attack until an official patch is available.

To help protect users of our services, we have deployed various server-side defenses to make the MHTML vulnerability harder to exploit. That said, these are not tenable long-term solutions, and we can’t guarantee them to be 100% reliable or comprehensive. We’re working with Microsoft to develop a comprehensive solution for this issue.


Microsoft Security Advisory (2501696)
Vulnerability in MHTML Could Allow Information Disclosure

Suggested Workaround = Enable the MHTML protocol lockdown
Microsoft KB2501696 - Automated Microsoft "Fix it" to enable and disable suggested workaround

No comments:

Post a Comment