From the past few days many people are reporting Virus Alerts, Slower internet or abnormal behaviour. On probing further it was clear that several networks have been affected. And this is our earnest attempt to help our site visitors on how to be on the safe side.And it just not affecting Microsoft IE but also Adobe Flash Player / Reader. So make sure you have the latest security patches.
To quote Symantec (the company which has developed Norton AntiVirus)
Hydraq is a targeted attack that is also currently referred to as
Aurora, Google Attacks, and the Microsoft IE Vulnerability (advisory
number 979352). Through the exploitation of a vulnerability, it
attempts to install a trojan on a specific computer that steals
information from that machine. The trojan attempts to make contact with
command and control servers in order to receive instructions and to
upload any information that it may have collected. This type of attack
is often called an advanced persistent threat
because of the sophistication and persistence of the attack within a business.
This attack is of concern to all computer users because vulnerabilities
used in this attack are now widely known and likely to be exploited by
Necessary software patch: Microsoft IE
Necessary software patch: Adobe
Hydraq is explained further in this Security Blog: The Trojan.Hydraq Incident
On McAfee site they are reporting Global Threat Condition to : Critical
Which means: Systems worldwide are being widely targeted, or may become widely
targeted by an active and available exploit or threat. An extreme
global security incident is taking or may imminently take place.
And this is affecting a lot of people using "Internet Explorer"
Microsoft has today released a very "Critical Update
" which you should not ignore and install it immediately.http://www.microsoft.com/technet/security/Bulletin/MS10-002.mspx
This security update resolves seven privately reported vulnerabilities
and one publicly disclosed vulnerability in Internet Explorer. The more
severe vulnerabilities could allow remote code execution if a user
views a specially crafted Web page using Internet Explorer. Users whose
accounts are configured to have fewer user rights on the system could
be less impacted than users who operate with administrative user
The ThreatCon is currently at Level 2: Elevated.
ThreatCon is at level 2. Microsoft has released patches to address
eight vulnerabilities affecting Internet Explorer. One of these issues
is being exploited in the wild. Customers are strongly advised to
install the patches as soon as possible.
Microsoft Security Bulletin MS10-002 - Critical
Cumulative Security Update for Internet Explorer (978207)
So we would like to recommend all the users who are using Windows Operating System to update their Windows with the latest Security Patches available on Windows Update site.
Edited by vijay - 23 January 2010 at 9:14am