Microsoft flaw used to attack French aerospace employees, veterans
Published on Feb 15, 2014 2:07 PM
SAN FRANCISCO (REUTERS) - A flaw in recent versions of Internet Explorer was used to attack visitors to a website for United States (US) military veterans, and also appears to have been used earlier against French aerospace industry employees, researchers said on Friday.
The flaw in Microsoft Corp's IE 10 Web browser was reported on Thursday, days after it was used inside the Web page of nonprofit US group Veterans of Foreign Wars (VFW). The VFW said on Friday that an unspecified federal law enforcement agency is investigating and that the malicious code on its site had been removed.
Security firm Websense Inc said it found similar attack code on a page set up on Jan 20 with a Web address nearly identical to one used by a French aerospace association.
That suggests the attacks using the flaw have been going on for at least three weeks, but might have succeeded earlier against higher-value targets and escaped discovery, said Websense director of security research Alexander Watson.
To continue reading, log in if you are a subscriber
If you are not a subscriber, you can get instant, unlimited access here