Google Users targeted with Windows Exploit


Recommended Posts

  Quote
Highly targeted, politically motivated attacks that affect all supported versions of Microsoft?s Windows operating system are being carried out on Google users, requiring the search giant to issue a bulletin warning those who use its services.

Attacks on Google users utilise an unpatched MHTML vulnerability that, although disclosed in January, allows attackers to steal sensitive information by exploiting the way Internet Explorer users on Windows parses MIME-formatted webpages, also allowing trusted websites to be spoofed and actions to be performed without authorisation.

Microsoft has issued a temporary fix but it is unknown how long it will be until a full patch is released.

Google, worried that its users were at risk, issued a warning via its Online Security blog, stating that the company believed activists were the target of the attacks. Interestingly, the post noted that users of another popular social site (possibly Facebook, which will not confirm either way) were also being targeted:

We?ve noticed some highly targeted and apparently politically motivated attacks against our users. We believe activists may have been a specific target. We?ve also seen attacks against users of another popular social site. All these attacks abuse a publicly-disclosed MHTML vulnerability for which an exploit was publicly posted in January 2011. Users browsing with the Internet Explorer browser are affected.

For now, we recommend concerned users and corporations seriously consider deploying Microsoft?s temporary Fixit to block this attack until an official patch is available.

Google says that it has deployed ?various server-side defences? to make the the MHTML vulnerability harder to exploit, adding that although the measures are in place, they cannot be guaranteed to be 100% reliable. With that in mind, the company is in contact with Microsoft to work on a solution for the issue.

If you are an Internet Explorer user and want to make sure you are not vulnerable to the MHTML exploit, head to Microsoft?s patch page and install the update.

TNW

  On 13/03/2011 at 16:58, z0phi3l said:

Again who in their right mind would still be using IE?

Again who in their right mind would still be using Firefox ?

It's a shame that people feel the need to exploit an operating system to steal details and information from others. I hope everyone who runs Internet Explorer has the sense to download the patch, assuming Internet Explorer 9 did not come with it bundled. I am glad I don't use Internet Explorer for reasons like these. :/

  On 13/03/2011 at 17:09, xMP44x said:

It's a shame that people feel the need to exploit an operating system to steal details and information from others. I hope everyone who runs Internet Explorer has the sense to download the patch, assuming Internet Explorer 9 did not come with it bundled. I am glad I don't use Internet Explorer for reasons like these. :/

Because other browsers don't have problems like these? IE9 doesn't have it since you bring that up.

  On 15/03/2011 at 16:12, Growled said:

Moral of the story, be security aware always, and that includes being up to date on patching and using other secure software.

Actually I think this is a Zero Day that Microsoft hasn't patched yet.

But they do have a fixit tool available

http://support.microsoft.com/kb/2501696

Security Now episode 291

  Quote

Steve: Well, yes, we are just past our standard second Tuesday of the month. So Microsoft has actually a rather lean response this month. They fixed four different vulnerabilities, one which was critical in their media playback which affected all the recent OSes - XP, Vista, and Windows 7 - such that, if you went to a site that had a specially crafted malicious video, it could execute code on your machine. That they fixed.

The bad news is the zero-day exploit, which we have talked about recently, the so-called MHTML exploit - MHTML is sort of a pseudo protocol. In the same way that we have HTTP:, Microsoft defines MHTML: as a way to invoke MIME-encoded HTML. We talked about how that's used for archiving whole web pages, in the same way that MIME stands for Multipart, what is it, Multipart Internet Message Extension or something?

Leo: Yeah, something like that.

Steve: For allowing email to contain nontextual things, like photos and so forth, MIME is how you do that. Similarly, this is how Microsoft has their own proprietary format for storing an entire web page including all of its assets, its other photos and so forth. There's a problem with it such that, if you go to a website that invokes this protocol, similarly they're able to get their own code to run on your machine. Well, that didn't get fixed this Tuesday, and I was hoping it was because it is being actively exploited in the wild.

So I wanted to remind our listeners that there is a one-click easy Fixit button that Microsoft offers. If you go to go.microsoft.com, then ?linkid=9760419, that will take you to this page with the quick fix dealie that just disables that protocol. And probably everyone, I mean, it's one of those things that's on by default. It's got a problem in it that, if you don't know you need it, you probably don't. So, I mean, I immediately went there and just said, I don't need this, I'm turning it off. And had Microsoft fixed it a couple days ago, we'd probably be okay. But like these things, now that it's seen that Microsoft hasn't fixed it, we can expect more exploits to happen. So...

Leo: It's a "sit up and take notice" to hackers.

Steve: It's a problem, yes, exactly. They're saying, hey, we've got another month, probably. So let's jump on this. So more important to do that. So I don't know what you could Google to get there. It's MHTML exploit, but you can go to go.microsoft.com/?linkid=9760419.

Leo: And I get a download, immediate download when I go there. So you're getting a .msi file, an installer.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • UI is slow but you prefer a slower UI to a snappier UI basically. Everyone is different.
    • XFX 9060 XT 16 GB is $349 on Amazon (shipped & sold by Amazon) https://www.amazon.com/dp/B0F8...p;previewDohDeal=1&th=1 People - never trust any neowin deals posted - they are the worst at seeking deals, and just want to peddle their own to make a quick buck. It's disgusting.
    • It's a grey market key - proceed at your own risk. It's baffling that neowin supports this shady stuff.
    • Arc 1.57.0 by Razvan Serea ARC browser is finally here for Windows, bringing its unique and modern approach to browsing. With a clean interface and a powerful sidebar, ARC makes managing tabs and organizing your workflow a breeze. You can group tabs, pin important pages, and quickly switch between work and personal spaces without clutter. It’s designed to be fast, customizable, and genuinely useful, making it more than just a browser—it’s a productivity tool. If you’re on Windows and want a fresh way to browse and stay organized, ARC is worth checking out. ARC browser key features: Split View: Work with multiple tabs side by side in a single window for efficient multitasking. Tab Grouping: Organize tabs into customizable groups for better workflow management. Pinned Tabs: Keep essential pages permanently accessible in the sidebar. Spaces: Create separate workspaces for different projects or personal use, reducing clutter. Sidebar Integration: Access bookmarks, notes, and tools directly from the sidebar for quick navigation. Customizable Themes: Personalize the browser’s appearance with themes and color schemes. Quick Search: Find tabs, history, or bookmarks instantly with a powerful search bar. Lightning-Fast Performance: Built for speed with optimized resource usage and minimal lag. Built-in Note-Taking: Jot down ideas or save snippets directly within the browser. Focus Mode: Hide distractions and focus on a single tab or task. Cross-Device Syncing: Seamlessly sync your data across multiple devices for a unified experience. Keyboard Shortcuts: Boost productivity with customizable shortcuts for common actions. AI-Powered Suggestions: Get smart recommendations for tabs, bookmarks, and workflows. Privacy Controls: Built-in tools for blocking trackers and managing cookies for enhanced security. Extensions Support: Compatible with popular browser extensions to extend functionality. Arc Browser 1.57.0 release notes: ''Thanks as always for using Arc. This week's release includes a bump to Chromium 137.0.7151.69, which patched three security vulnerabilities. Enjoy!'' Download: Arc Browser 1.57.0 | 1.9 MB (Freeware) View: Arc Browser Website | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • they put useless AI, new plastick sticker 8K and price +$80 for nothing
  • Recent Achievements

    • First Post
      Uranus_enjoyer earned a badge
      First Post
    • Week One Done
      Uranus_enjoyer earned a badge
      Week One Done
    • Week One Done
      jfam earned a badge
      Week One Done
    • First Post
      survivor303 earned a badge
      First Post
    • Week One Done
      CHUNWEI earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      427
    2. 2
      +FloatingFatMan
      237
    3. 3
      ATLien_0
      213
    4. 4
      snowy owl
      207
    5. 5
      Xenon
      159
  • Tell a friend

    Love Neowin? Tell a friend!