Another wave of attacks target Internet Explorer
Other versions of Internet Explorer are now vulnerable to exploitation, including the new beta of the latest update.
The Internet Explorer vulnerability currently investigated by Microsoft has spread to other versions of the browser, including the newest Internet Explorer (IE) 8 Beta 2.
A new advisory has warned that as well as Internet Explorer 7, other versions potentially vulnerable to attacks are IE 5.01 Service Pack 4, IE 6 Service Pack 1, IE 6 and IE 8 Beta 2.
The vulnerability looks like it is getting very serious, with Ivan Macalintal, advanced threats researcher for Trend Micro, reporting that the number of infected sites had risen to 6,000 and was quickly increasing in number.
Microsoft researchers Ziv Mador and Tareq Saade also said that attacks had risen significantly over the weekend, with an increase of over 50 per cent in the number of reports.
There are more technical details of the vulnerability as well as some workaround options to make Internet Explorer safe from danger here.
However, some experts have advised users to use an alternative browser until Microsoft issues a patch for the problem.
The website Shadowserver has listed a number of domains known to be exploiting the vulnerability. According to Microsoft, the current trend for attack uses SQL injection attacks against websites, and proceeds to load attack code.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
In the new advisory, Microsoft repeated its previous statement that it would take the appropriate action once it had completed the investigation.