China attacks exploited flaw in Outlook browser
SAN FRANCISCO – Security-software maker McAfee Inc. said Thursday that a flaw in Microsoft Corp.’s Internet browser was exploited in recent cyberattacks on Google Inc. and others that have caused the search giant to consider pulling out of China.
George Kurtz, McAfee’s worldwide chief technology officer, wrote on a company Web site that McAfee has informed Microsoft about the flaw in its Internet Explorer browser.
“We are working with multiple organizations that were impacted by this attack, as well as the government and law enforcement,” Kurtz wrote. “These attacks will look like they come from a trusted source, leading the target to fall for the trap and clicking a link or file. That’s when the exploitation takes place, using the vulnerability in Microsoft’s Internet Explorer.”
Because of its widespread popularity, Microsoft’s technology is often targeted by hackers.
Microsoft said in a statement posted on a company Web site that, “We recently became aware that a vulnerability in Internet Explorer appears to be one of several attack mechanisms that were used in highly sophisticated and targeted attack against several companies.
“Our teams are currently working to develop an update, and we will take appropriate actions to protect our customers,” Microsoft said.