European Aeronautical Supplier's Website hacked
VARINDIA- INDIA'S FRONTLINE IT MAGAZINE
Sophos Labs has determined that the website of a European aeronautical parts supplier – which is currently not being named due to the sensitivity of the situation - had been hacked, and a malicious attack planted on the website which exploits zero-day Microsoft security vulnerability.
Users running any flavour of currently-supported Windows are vulnerable, from XP, up to and including Windows 7. All supported editions of Microsoft Office 2003 and Microsoft Office 2007 are also vulnerable. There is not yet an official patch from Microsoft, but the company recommends that Internet Explorer and Microsoft Office users immediately install a Fix-it solution, downloadable with instructions from Microsoft Knowledge Base Article 2719615, until the company issues an official fix.
Graham Cluley, Senior Technology Consultant, Sophos, said, "Don't underestimate the seriousness of this vulnerability. It is being actively exploited in the wild, and there is currently no patch available for it. As a result, Sophos has raised its threat level rating to its highest level - 'Critical'. Sophos does provide protection against the exploit, but the best solution of all would be to have a proper fix from Microsoft. And for now, at least, we are waiting to see when that is going to appear."
For More Details See
www.varindia.com