Web filtering security company Websense says its ongoing scan of the Intenet has turned up hundreds of sites exploiting an unpatched security whole in Microsoft’s Internet Explorer.Using honey clients, Websense constantly scans the internet at the rate of 75 million per day looking for malicious websites. As new websites are discovered and researched, they are added to the Websense URL database and categorised. Websense defences work by adding malicious websites to a black list database using real time updates.
The websites are specially crafted to exploit the IE vulnerability which allows them to run code on the user’s machine. The vulnerability allows a malicious attacker to run shell code that connects via HTTP and downloads malicious code such as Bot variants, backdoors, and other Trojan Horses.
This latest “zero-day” vulnerability in IE is unlikely to be patched until next month at the earliest leaving surfers with no protection against the existing sites exploiting the vulnerability.
“This exploit demonstrates the power of the Websense security solution. Even before the vulnerability can be patched and anti-virus signatures were available, Websense security customers were protected,” said Leo Cole, vice president, marketing for Websense, Inc. “This level of detection and automatic protection is only available with Websense’s web security approach.”