On April 28, Microsoft confirmed a high-risk vulnerability affecting all versions of the IE browser. Hackers can exploit the vulnerability to attack users' computers remotely and then delete or steal the victim's data. Microsoft's official statement is that it is fixing the vulnerability, but WinXP users cannot get patch updates, so XP users who continue to use the IE6-IE8 browsers face serious risks. This is the first major flaw since Microsoft ended support for XP, and security software is about to face a big test, with 360, among domestic security companies, taking the lead in defending against this vulnerability.
The first remote 0day vulnerability after XP support ended
The vulnerability was first discovered by U.S. security firm FireEye on Friday, and Microsoft confirmed it on Saturday, saying the vulnerability affects all versions of IE from IE 6 to IE 11. The affected IE browsers account for as much as 55% of the global browser market, according to data from research firm NetMarketShare.
FireEye said a hacker group had exploited the vulnerability to launch an attack codenamed "Secret Fox Operation". FireEye did not disclose the name of the company under attack or the identity of the hacker group, but said investigations into the matter were still ongoing.
Microsoft said in its advisory that the vulnerability could give a hacker full control of the affected system; the hacker could then delete data, install malicious software, and create accounts with full rights.
Microsoft also said that the company is currently developing a patch for the vulnerability. However, Windows XP users cannot get this update because Microsoft has stopped technical support for Windows XP. Information security experts estimate that 15% to 25% of the world's PCs still run Windows XP.
Now that Microsoft has stopped the XP update service, the security of XP is entrusted to third-party security companies, and this first major IE security flaw will test the protection capability of third-party security software.
Security software faces a big exam
As early as the 27th, Beijing time, when Microsoft confirmed the vulnerability, 360 Security Guards said in a microblog post that its XP Shield Armor protects against attack samples for this vulnerability. 360 is also the first security software in the country confirmed to protect against this vulnerability.
Previously, Coseinc, a leading Asian security agency, issued an XP protection evaluation report to check whether security software effectively protects XP systems that have lost Microsoft support. The report shows that the eight security products in the evaluation had an overall interception rate of only 63.3% against XP vulnerability attacks, and that China's 360 Security Guards was the only product to intercept 100% of the vulnerability attacks.
Coseinc selected eight security products that are popular in Asia as a benchmark, including Avast, AVG, Avira, Bitdefender and Kaspersky, as well as 360 Security Guards, Jinshan Poison PA and Tencent Computer Butler from China. China is also one of the countries with the highest Windows XP usage rates.
The report shows that Coseinc used a "black-box" test method that simulates hackers' attacks on vulnerabilities from the past five years in XP SP3, IE8, and Office 2003, with a total of 15 attack samples. These include well-known vulnerabilities such as the Excel FEATHEADER record remote code execution vulnerability, which has been used by advanced spy networks for "harpoon" (spear-phishing) attacks. Across all 120 vulnerability attacks, the eight security products successfully defended 76 times, an average interception rate of 63.3%.
360 Security Guards ranked first for XP protection ability in Coseinc's international evaluation
The best-performing software was 360 Security Guards, which intercepted all 15 vulnerability attack samples. Avira from Germany successfully intercepted 12 attacks and ranked second with an interception rate of 80%. Kaspersky successfully intercepted 11 attacks and ranked third; against the Windows kernel privilege-escalation vulnerability (CVE-2011-2005) it only displayed a risk prompt and left the user to choose whether or not to trust, which Coseinc counted as an ineffective defense and which affected its final result.
The worst-performing security products were Jinshan Poison PA and Tencent Computer Butler, both from China, each of which prevented only 5 attacks, a vulnerability interception rate of 33.3%. Jinshan Poison PA failed to intercept any of the Office 2003 attacks. Windows XP kernel flaws are Tencent Computer Butler's fatal weakness: of 6 kernel-flaw attacks, Tencent successfully defended against only 1.
Headquartered in Singapore, Coseinc has long provided security consulting services to the Singaporean government and reputable companies, and has a high profile in the security industry in Asia and around the world. At the 2006 World Black Hat Convention (Black Hat), the Polish female hacker Joanna Rutkowska from Coseinc breached the most secure Vista system.