|
SAN FRANCISCO
— Security-software maker
McAfee Inc.
said Thursday that a flaw in
Microsoft Corp.'s
Internet browser was exploited in recent cyber-attacks
on
Google Inc.
and others that have caused the search giant to consider
pulling out of
China
.
George Kurtz
,
McAfee's
worldwide chief technology officer, wrote on a company
Web site that
McAfee
has informed
Microsoft
about the flaw in its Internet Explorer browser, and
that
Microsoft
is expected to soon publish a related advisory.
"We
are working with multiple organizations that were
impacted by this attack, as well as the government and
law enforcement," Kurtz wrote. "These attacks
will look like they come from a trusted source, leading
the target to fall for the trap and clicking a link or
file. That's when the exploitation takes place, using
the vulnerability in
Microsoft's
Internet Explorer."
Because
of its widespread popularity,
Microsoft's
technology is often targeted by hackers aiming to find
vulnerabilities so they can unleash malicious attacks
and other security breaches.
Microsoft
said in a statement posted on a company Web site that,
"We recently became aware that a vulnerability in
Internet Explorer appears to be one of several attack
mechanisms that were used in highly sophisticated and
targeted attack against several companies."
"Our
teams are currently working to develop an update, and we
will take appropriate actions to protect our
customers,"
Microsoft
said.
Google
cited recent cyber-attacks on its network, apparently
aimed at identifying advocates for democratic reform in
China
, as a reason for it to reconsider doing business
directly in the Middle Kingdom. The announcement came as
a surprise, as the Chinese market — with its massive
and still-expanding number of users — is seen as
invaluable for global Internet businesses.
At least
20 other companies were hit with similar attacks in
recent weeks, according to
Google
, though it did not identify them.
Microsoft
has said that its network and e-mail systems do not
appear to have been a target of the attacks.
Adobe Systems Inc.
, however, acknowledged that it has been hit with a
"sophisticated, coordinated attack," but
declined to comment further.
Yahoo Inc.
reportedly was also the target of a related attack,
though the company declined to comment.
The
White House
on Thursday said it supports
Google's
decision to stop censoring its local search results in
China
in the wake of the cyber-attacks, a move seen as likely
to mean the end of its ability to do business there.
Earlier,
U.S. Commerce Secretary
Gary Locke
said that the attacks alleged by
Google
are "troubling," and "should be equally
troubling to the Chinese government."
|
