By navigating our site, you agree to allow us to use cookies, in accordance with our Privacy Policy.

ESET: The Unicorn Bug is back in action

ESET

Eset has warned the Internet Explorer users about the latest bug in the Microsoft Internet Explorer. It is enabling remote code execution which further promotes cyber-attacks. The researchers of Eset have witnessed the first proof-of-concept showing the CVE-2014-6332 vulnerability, or ‘Unicorn Bug’, in action.

The original research conducted by a Chinese researcher, the proof-of-concept highlights that by using this vulnerability cyber criminals can run arbitrary code on any remote machine and can evade various anti-exploitation tools. The same Chinese researcher also noticed that an arbitrary code could also run on a computer with unpatched Internet Explorer, which visits a specially crafted website. ESET researchers started looking for such websites.

Explaining about the observation, ESET researcher stated, β€œIt was only a matter of time before we started seeing this vulnerability actively used as part of a cyber-criminal campaign. Scouring our data, we found several blocked exploitation attempts while our users were browsing a major Bulgarian website. As you might have guessed, the compromised website was using CVE-2014-6332 to install malware on the computers of its unsuspecting visitors.”

Tags

Heena Gupta

A reader at heart, this girl loves to express through writing. Her ears perk up as soon as she senses any tech molecule in the air. With the ability to use and navigate typical technologies she becomes a complete tech enthusiast. This post graduate in Mass Communication lives in the world of gadgets. Fiction, history and cartoons keep her busy in the free time. Her urge to grow mixed with excellent writing skills forces us to have her as a part of our workforce.

Related Articles

Upcoming Events