Published in
News
IE 7 exploit out
Hole patched last week
If you are running a copy of IE7 you might like to make sure that your patches are up to date. Cybercriminals are exploiting a critical hole in Internet Exploder that was patched a week ago by Microsoft.
Security outfit Trend Micros said that the malicious code, dubbed "XML_DLOADR.A," is hidden in a Word document. On unpatched systems, when the file is opened an ActiveX object automatically accesses a Web site to open a backdoor that installs a .DLL file that can steal information. Once it has done all that it sends stolen data to another Web address via port 443.
Anyone can run commands on the affected system, Trend claims. Obviously they have not met my aunt who couldn't command her way out of bed for 20 years. Anyway the hack appears to come from China..