State-sponsored attackers likely used IE exploit to target Gmail accounts
Microsoft is warning of "active attacks" using a hole in its XML Core Services technology that could allow an attacker to take control of a computer if a user was enticed to open a malicious Web page using Internet Explorer.
Microsoft has a Fix it tool that blocks the attack vector for the vulnerability, but has not issued a security patch yet. Computers running Windows, Office 2003 and Office 2007 are affected.
In its security advisory on the issue, Microsoft acknowledges the Google Security Team for working with the company on the MSXML Uninitialized Memory Corruption Vulnerability. Microsoft also thanks a Chinese security team, Qihoo 360 Security Center, for reporting the vulnerability.
The advisory comes one week after Google began warning Gmail users when the company detects that state-sponsored phishing or malware attacks are targeting their accounts. Google has previously warned users about attacks that appeared to originate in China, including attacks in 2009 that involved a vulnerability in IE.
Ryan Naraine at CNET sister site ZDNet, citing an unnamed source, reports that the attacks using the IE hole were the catalyst for Google's warning about state-sponsored attacks.
A Google spokesman told me that the state-sponsored warning is not tied to any specific attack but is representative of a larger class of attacks, and pointed to the company's original blog post when asked to elaborate.
So, it sounds like the IE attacks are just one of the attacks being used to target Gmail users.
Meanwhile, Microsoft also patched 13 vulnerabilities in IE in its most recent Patch Tuesday update yesterday.