One of the biggest names in the field of Information & Technology, Google Inc, had suffered from a well coordinated and orchestrated cyber attack in the month of December last year. These attacks were largely centered on the Gmail accounts of numerous Chinese human rights activists and these users varied from different regions such as U.S, China and Europe. In the investigations conducted by Microsoft Corporation into the attacks in Google, it has been found that the famed Internet Explorer web browser was the platform through which the hackers, who are now known to be Chinese nationals were able to carry out their activities.

Microsoft has released a security advisory for an IE vulnerability, where the hackers were able to take advantage of a flawed Remote Code Execution (RCE) protocol and carry out the attacks against Google. Internet Explorer versions 6, 7, & 8 that run on various Microsoft Windows operating system such as, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 are all in open to such attacks and can prove to be an easy way for the hackers to carry out their deeds. However, the Internet Explorer 6, running on Windows 200 SP4 is found to be immune to the flaw.

AS per the security advisory released by Microsoft, the RCE vulnerability can provide crucial access to an intruder, as the individual will be able to gain rights as the local user and then could easily manipulate the system to do his bidding. In a statement, Microsoft said,

“The company has determined that Internet Explorer was one of the vectors used in targeted and sophisticated attacks targeted against Google and other corporate networks, Microsoft continues to work with Google, other industry partners and authorities to actively investigate this issue. To date, Microsoft has not seen widespread customer impact, rather only targeted and limited attacks exploiting IE6.”

Via Ars Technica