A vulnerability in Microsoft’s Internet Explorer (IE) 10 targeting an Americans war veterans website has been discovered by internet security company FireEye.
The previously unknown vulnerability, known as a zero-day attack, has been used to target law firms, United States government entities, information technology entities and mining organisations.
“The exploit targets IE 10 users visiting the compromised website – a classic drive-by download attack. Upon successful exploitation, this zero-day attack will download a XOR encoded payload from a remote server, decode and execute it,” the company said.
“The proven ability to successfully deploy a number of different private and public RATs using zero-day exploits against high-profile targets likely indicates that this actor will continue to operate in the mid to long-term.”
