A zero-day attack is a threat that tries to exploit unknown or undisclosed vulnerabilities in computer applications before the vendor has released a patch to the public.
The exploit, first seen in China and other parts of Asia, targets Internet Explorer 7 on Windows XP and 2003, using malformed XML tags to take control of a PC. It crashes the browser and runs malicious code when it is restarted.
A ZDNet report says the exploit may have been “accidentally” let loose by Chinese security researchers, and is expected to cause havoc over the holiday period.
“The IE7 Zero-Day is really nasty. No patch. Mitigation options are not good; some are draconian. Dig in folks; this could be a rough ride,” said Rick Howard, director of intelligence at iDefense Security Intelligence Services, quoted by ZDNet.
Australia’s AusCert watchdog is advising users to dump Internet Explorer 7, at least for the time being, in favour of another browser.
Said an AusCert bulletin: “A serious vulnerability has been identified in Microsoft Internet Explorer 7, which is currently being exploited in the wild. This vulnerability could allow the remote execution of arbitrary code when visiting potentially malicious Web sites.
“As a patch has not been released at the time of this publication, it is highly recommended that users consider using a Web browser other than Internet Explorer until a patch becomes available.”