Users of Internet Explorer 8 at risk of 'water hole attack' - Hawaii News Now - KGMB and KHNL

Users of Internet Explorer 8 at risk of 'water hole attack,' urged to take security measures

Users of Internet Explorer 8 are at risk of what is known as a "watering hole" attack. Users of Internet Explorer 8 are at risk of what is known as a "watering hole" attack.
  • Cyber crimeMore>>

  • Prosecutors: Russian hackers exploit US cyber vulnerability

    Prosecutors: Russian hackers exploit US cyber vulnerability

    Tuesday, July 17 2018 12:34 AM EDT2018-07-17 04:34:44 GMT
    Tuesday, July 17 2018 9:40 AM EDT2018-07-17 13:40:25 GMT
    (AP Photo/Pavel Golovkin). A man walks past the building of the Russian military intelligence service in Moscow, Russia, Saturday, July 14, 2018. U.S. President Donald Trump on Saturday scolded the Obama administration for not responding aggressively e...(AP Photo/Pavel Golovkin). A man walks past the building of the Russian military intelligence service in Moscow, Russia, Saturday, July 14, 2018. U.S. President Donald Trump on Saturday scolded the Obama administration for not responding aggressively e...

    US prosecutors say Russian government hackers exploited some of America's own computer infrastructure to steal politically sensitive information.

    More >>

    US prosecutors say Russian government hackers exploited some of America's own computer infrastructure to steal politically sensitive information.

    More >>
  • US intel chief stands by assessment of Russian meddling

    US intel chief stands by assessment of Russian meddling

    Monday, July 16 2018 4:06 PM EDT2018-07-16 20:06:05 GMT
    Tuesday, July 17 2018 7:58 AM EDT2018-07-17 11:58:35 GMT
    (AP Photo/J. Scott Applewhite, File). FIEL - In this May 24, 2018, file photo, Director of National Intelligence Dan Coats arrives as House and Senate lawmakers from both parties gather for a classified briefing in a secure room about the federal inves...(AP Photo/J. Scott Applewhite, File). FIEL - In this May 24, 2018, file photo, Director of National Intelligence Dan Coats arrives as House and Senate lawmakers from both parties gather for a classified briefing in a secure room about the federal inves...
    The top U.S. intelligence official says assessments of Russian meddling in the 2016 election have been 'clear' and describes the Kremlin's efforts to undermine the United States' democracy as 'ongoing' and...More >>
    The top U.S. intelligence official says assessments of Russian meddling in the 2016 election have been 'clear' and describes the Kremlin's efforts to undermine the United States' democracy as 'ongoing' and 'pervasive.'.More >>
  • Russian hackers used US online infrastructure against itself

    Russian hackers used US online infrastructure against itself

    Monday, July 16 2018 4:46 PM EDT2018-07-16 20:46:51 GMT
    Tuesday, July 17 2018 12:42 AM EDT2018-07-17 04:42:44 GMT
    (AP Photo/Pavel Golovkin). A man walks past the building of the Russian military intelligence service in Moscow, Russia, Saturday, July 14, 2018. U.S. President Donald Trump on Saturday scolded the Obama administration for not responding aggressively e...(AP Photo/Pavel Golovkin). A man walks past the building of the Russian military intelligence service in Moscow, Russia, Saturday, July 14, 2018. U.S. President Donald Trump on Saturday scolded the Obama administration for not responding aggressively e...
    Prosecutors say Russian hackers accused of meddling in the 2016 presidential election exploited some of the United States' own computer infrastructure against it, using two U.S.-based servers it leased in Arizona...More >>
    Prosecutors say Russian hackers accused of meddling in the 2016 presidential election exploited some of the United States' own computer infrastructure against it, using two U.S.-based servers it leased in Arizona and Illinois.More >>

(RNN) - Users of Internet Explorer 8 could be at risk for a major cyber security threat unless they take steps to safeguard their browser.

Microsoft, which owns the Internet Explorer browser system, issued a security advisory that explained users of Internet Explorer 8 are at risk of a "remote code execution vulnerability."

"The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer," Microsoft said on their website. "An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website."

According to The Hacker News, the attack is known as a "watering hole" attack and the website for the U.S. Department of Labor is just one of several high-profile web sites that have been corrupted.

The computer security news site also explained that in watering hole attacks, "victims are not affected directly. Rather, attackers compromise a trusted, third-party website that the intended targets are likely to visit, then launch a silent attack when they visit the site."

Microsoft explained further how this type of attack operates:

"In a web-based attack scenario, an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these websites. Instead, an attacker would have to convince users to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes users to the attacker's website."

Only users of Internet Explorer 8 are at risk, according to Microsoft. Users of Internet Explorer 6, 7, 9, and 10 are safe.

Users of Internet Explorer 8 are urged to visit Microsoft's page that explains how to enable a security measure that is designed to prevent the attack.

The Hacker News said the attack may have begun in mid-March and there is evidence that it is the work of a China-based hacking group known as "DeepPanda."

Copyright 2013 Raycom News Network. All rights reserved.

Powered by Frankly