Microsoft admits IE vulnerability used in Google attack

Based on Microsoft's investigations the software giant has admitted Internet Explorer was one of the vectors used in targeted attacks against Google recently.

In a company blog posting Mike Reavey, Director of the Microsoft Security Response Center admits "based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks."

Microsoft has issued further guidance to companies in order to mitigate a Remote Code Execution (RCE) vulnerability in Internet Explorer.

Google said, in a blog posting on January 12, that in mid-December, they, along with a number of other large companies in the Internet, finance, technology, media and chemical sectors, were targeted in a sophisticated cyber-attack. This attack on their infrastructure originated in China, and resulted in the theft of intellectual property. Due to this attack, and the background behind it, Google is now taking a second look at their operations in China, particularly Google.cn, where they currently offer censored search results as part of an agreement with China's government. Google took the big step of informing the government of China that it is no longer willing to provide censored results, and will be entering into discussions regarding how it can do this without breaking Chinese law. Should Google find themselves unable to reach an agreement, they may shut down Google.cn, and close their offices in China.

Yahoo supported Google's announcements and said it would stand by the company. "We stand aligned that these kinds of attacks are deeply disturbing and strongly believe that the violation of user privacy is something that we as Internet pioneers must all oppose" said a Yahoo representative earlier this week.

China responded to Google's claims in a brief statement yesterday, stating "The Chinese government administers the Internet according to law and we have explicit stipulations over what content can be spread on the Internet." iDefense researchers at Verisign were able to trace the source of the control servers that distributed the malware which gained access to private customer and corporate Google data. Verisign's initial findings suggest the source of the servers consisted either of agents of the Chinese state or proxies thereof.

Report a problem with article
Previous Story

Steve Jobs' original name choice for the iMac revealed

Next Story

Welcome to Neowin 6

18 Comments

Commenting is disabled on this article.

This is all about IE6 and XP specifically. Encourage everyone you know to move from XP or ditch IE6.

I wonder how many of these vulnerbilities are in other browser that were ALSO released back in 2002.

Somehow software can be several generations behind, and be outdated by 7 years, and Microsoft is slapped around because people will not upgrade. If someone was using Firefox 1.0 and getting exploited, everyone would be, upgrade to the newer version you idiot.

Sure the 7 year old version of IE sucks, but compared to a seven year version of Flash, Mozilla, etc how do you think they would compare, really?

This problem doesn't exist in newer versions of IE, and is impossible to exploit on Vista or Win7 because of the IE version and IE protected mode, that currently makes IE on Win7 the most secure way to browse the Internet ironically.

(Yes go look at the numbers from patches to exploits discovered to even exploits successfully used, IE7 and IE8 on Vista and Win7 are the most secure browsers based on the numbers, and add in the potential 'exploit' factor that protected mode prevents even if a flaw is found, it makes the numbers even lower.)

See how to mitagate the the Google/IE vulnerability using Windows Group Policy at http://www.grouppolicy.biz/2010/01/how-to-mitigate-kb979352-a-k-a-google-china-security-vulnerability-using-group-policy/

carmatic said,
so the Chinese government cares more about enforcing censorship than catching the crooks who did the hacking?

Well, no. The Chinese government did the hacking itself.

day2die said,

Well, no. The Chinese government did the hacking itself.

+1 So clearly China is less than inclined to investigate this any further or bring these hackers to justice... It would be a liiiiitle counter productive... ;)

Edited by M_Lyons10, Jan 16 2010, 9:06am :

M_Lyons10 said,

+1 So clearly China is less than inclined to investigate this any further or bring these hackers to justice... It would be a liiiiitle counter productive... ;)

ahh yes, i missed the story on the front page... pardon me

just so everyone is aware..
Windows 7 is unaffected by default because of Protected Mode and DEP, same goes for Vista
so far affected is Windows XP and IE6, specifically, i'd say an OOB update is right round the corner

I find it odd, and fishy that anyone at google would use IE at all. I think this is more Google trying to PR spin a big break in their fancy cloud system.

GP007 said,
I find it odd, and fishy that anyone at google would use IE at all. I think this is more Google trying to PR spin a big break in their fancy cloud system.

even though Microsoft themselves have admitted the vun?

XerXis said,
because they only found out about it after the attack?
According to reports, Microsoft has said they knew about the flaw before. But were "in process" of working on getting around to fixing it.

Internet Explorer was one of the vectors ..Also, i find it odd how IE (that too IE6) was used in Google..and even if so, is it so easy to hack into Google just with IE6 vulnerability...

I think the hackers where brilliant in using tools, proxies etc to attack it.