Trend Cloud Security intercept IE 7.0 Zero vulnerability attack Web page

December 9, Microsoft regularly released patches, but the next day the latest IE7.0 0 jet lag attack, this weakness has not yet been patched. Hackers exploit this vulnerability to embed harmful JavaScript and to attack Web surfers through Microsoft Internet Explorer7.0 Web browsers sdhtml weaknesses in processing XML. Users may be hacked for using IE7.0 even if they update the last patch released in Tuesday.

Trend Technology Cloud security technology, using the millisecond operation speed, you can successfully intercept the malicious attacks in 7-15 minutes (the following figure, for the December 10 statistics screen). In fact, trend technology has already created the fastest 7 minutes to intercept the virus case, on December 9 1:04 A.M. 8.277 seconds, cloud Security received URL: Hxxp://wieyou.com/iiee/explore.exe query, only about 7 minutes, On December 09, 1:11 A.M. 22.51 seconds, the URL was successfully intercepted. The virus attribute of the URL is established in the cloud database, and it can prevent other users from continuing to suffer from the URL, so as to achieve the protection effect of 0 second barrier virus.

Trend technology has found that the sites that exploit this vulnerability have so far had 85 sites located in China, and cloud security technology can successfully block malicious web hosting. Trend Technology Web Security Gateway IWSA (Interscan Web Secure Appliance) and network version OfficeScan 8.0 Embedded Cloud security technology can always help trend technology users to achieve effective protection. In the virus code and the revision before the release of the vulnerability Attack empty window period, the trend of technology users can be assured to avoid attacks.

Users who use IE7.0, if they do not do a good job of protection, once connected to malicious Web pages, the computer will automatically download a set of Trojan horse program, resulting in direct economic losses. At present, trends in technology detected by these Trojans are:

Tspy_onlineg. Ejh

Tspy_onlineg. Ejg

Tspy_onlineg. HAV

Tspy_onlineg. ADR

It is understood that the malicious attack program has developed "Web page Hanging Horse Generator", and in the underground black market trading, is expected to be more malicious attacks will appear in the short term. In response, trend technology calls for users of non-trending technologies to take the following precautions when Microsoft releases the patch's empty windows:

In addition to browsing the web may be implanted, also want to email or IM related connection.

Try using a browser other than IE.

Try to deactivate Java Script, but this will make it impossible for many dynamic pages to navigate properly.

Using the only online large-scale anti-drug engine using cloud computing, you can intercept the WRS Web site credit rating service before the user touches the malicious website. Free Download: Internet-free electronic eye (WTP) or trend Technology network security expert 2009.