Microsoft admits IE vulnerability used in Google attack
Based on Microsoft's investigations the software giant has admitted Internet Explorer was one of the vectors used in targeted attacks against Google recently.
In a company blog posting Mike Reavey, Director of the Microsoft Security Response Center admits "based upon our investigations, we have determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks against Google and possibly other corporate networks."
Microsoft has issued further guidance to companies in order to mitigate a Remote Code Execution (RCE) vulnerability in Internet Explorer.
Google said, that in mid-December, they, along with a number of other large companies in the Internet, finance, technology, media and chemical sectors, were targeted in a sophisticated cyber-attack. This attack on their infrastructure originated in China, and resulted in the theft of intellectual property. Due to this attack, and the background behind it, Google is now taking a second look at their operations in China, particularly Google.cn, where they currently offer censored search results as part of an agreement with China's government. Google took the big step of informing the government of China that it is no longer willing to provide censored results, and will be entering into discussions regarding how it can do this without breaking Chinese law. Should Google find themselves unable to reach an agreement, they may shut down Google.cn, and close their offices in China.
Yahoo supported Google's announcements and said it would stand by the company. "We stand aligned that these kinds of attacks are deeply disturbing and strongly believe that the violation of user privacy is something that we as Internet pioneers must all oppose" said a Yahoo representative earlier this week.
China responded to Google's claims in a brief statement yesterday, stating "The Chinese government administers the Internet according to law and we have explicit stipulations over what content can be spread on the Internet." iDefense researchers at Verisign were able to trace the source of the control servers that distributed the malware which gained access to private customer and corporate Google data. Verisign's initial findings suggest the source of the servers consisted either of agents of the Chinese state or proxies thereof.