The dangerous Internet Explorer attack code used in last month's attack on Google's corporate networks is now public.
The code was submitted for analysis Thursday on the Wepawet malware analysis Web site, making it publicly available. By Friday, it had been included in at least one publicly available hacking tool and could be seen in online attacks, according to Dave Marcus, director of security research and communications at McAfee.
The attack is very reliable on Internet Explorer 6 running on Windows XP, and it could possibly be modified to work on more recent versions of the browser, Marcus said. "The game really changes now that it's hosted publicly," he said.
A hacker could use the code to run unauthorized software on a victim's computer by tricking them into viewing a maliciously crafted Web page.
The link for this article located at InfoWorld is no longer available.
