SonicWALL, a secure network infrastructure company, has deployed Intrusion Prevention (IPS) signatures in its Gateway AV/IPS technology to address the flaws in Windows IE.
According to the company, anyone who visits a site that has been hacked due to the IE vulnerability could be at risk. Exploiting a component of Microsoft DirectShow, hackers are able to create HTML pages with malicious JavaScript parsed in an IE browser to infect users’ computers without their knowledge. The URL JavaScript is used to find an instance of the vulnerable control and feed it with a malformed image, likely to be logo.gif, causing it to crash and execute the malcode.
Boris Yanovsky, vice president of vulnerability research team at SonicWALL, said: While Microsoft is working to develop a patch update for this, there is a significant window of opportunity for hackers to exploit the vulnerability and infect PC’s without the user’s knowledge.”
He further said: “We expect to see social networking sites such as Facebook, Flickr and Twitter being leveraged to infect large numbers of computers worldwide. It’s critical to protect our customers, so our gateway threat prevention services automatically defend against exploits of the Internet Explorer vulnerability.
