Further Insight into Security Advisory 979352 and the Threat Landscape We wanted to provide you some insight into the vulnerability reported in Microsoft Security Advisory 979352,
which is related to our ongoing investigation into the recently
publicized attacks against Google and other large corporate networks.
We understand that there is a lot of noise about this topic right now
and we know that our customers are receiving a lot of information about
this situation from a variety of sources, so we want to provide some
additional insight. First, we will provide an update on the
threat landscape – there has been a lot of speculation, so we’ll share
detailed information on what Microsoft is seeing in terms of attacks
across all of our monitoring systems. Second, we’ll highlight what
customers should do to protect themselves. Finally, I will provide an
update on the continuing work at Microsoft to respond to this situation
and help protect our customers. In terms of the threat
landscape, we are only seeing very limited number of targeted attacks
against a small subset of corporations. The attacks that we have seen
to date, including public proof-of-concept exploit code, are only
effective against Internet Explorer 6. Based on a rigorous analysis of
multiple sources, we are not aware of any successful attacks against
IE7 and IE8 at this time. This is likely due to improved security
protections provided by newer versions of Internet Explorer and Windows
as described in our recent Security Research and Defense Blog.
In summary, we are not seeing any widespread attacks by any means, and
thus far we are not seeing attacks focused on consumers. That
said, we remain vigilant about this threat evolving and want to be sure
our customers take appropriate action to protect themselves. That is
why we continue to recommend that customers using IE6 or IE7, upgrade to IE8
as soon as possible to benefit from the improved security protections
it offers. Customers who are using Windows XP SP2 should be sure to
upgrade to both IE8 and enable Data Execution Protection (DEP), or upgrade to Windows XP SP3
which enables DEP by default, as soon as possible. Additionally
customers should consider implementing the workarounds and mitigations
provided in the ...................Continue At Source
Send via e-mail | Submit to Digg | Add to Live Favorites
http://feeds.bink.nu/~r/binkdotnu/~3/8mo0LuFqjrQ/further-insight-into-security-advisory-979352-and-the-threat-landscape.aspx
