New Attacks Target IE7 Flaw

Internet attack trackers and antivirus companies warn that a flaw in Internet Explorer 7 (but not earlier versions) that Microsoft just patched last week is under attack in the wild. The attacks appear to be targeted and small-scale right now, but will likely grow.

Trend Micro describes a somewhat roundabout attack that starts with an e-mailed .doc file that, when opened, exploits the MS09-002 vulnerability to download and install remote-control backdoor malware.

Trend writes that this approach is likely part of a targeted attack. Such assaults typically involve more legwork on the part of crooks to construct a realistic spam message that may appear to come from a co-worker, for instance, and have a poisoned .doc or other file attached.

But the Internet Storm Center warns that while antivirus vendors currently only report .doc-using attacks, "there is absolutely nothing preventing attackers from using the exploit in a drive-by attack." And they expect that to happen very soon.

The good news is that to protect yourself, you only need to make sure you've closed the hole by applying last week's patch. It was distributed via Automatic Updates, so you can double-check that you got it by running Windows Update. Or head to the Microsoft security bulletin.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Shop Tech Products at Amazon