IE exploit release can potentially lead to increase in cyberattacks

ExplorerAccording to a PCWorld report, attack code which is capable of exploiting an unpatched vulnerability detected in all supported versions of Microsoft's Internet Explorer (IE) web browser has been released into the wild.

The report implies that the release of the IE exploit - called CVE-2013-3893 - can potentially lead to an increase in cyberattacks, and can affect IE users.

As per the PCWorld report, the insertion of the exploit - which was integrated into Rapid7's open-source Metasploit penetration testing tool on Monday - into Metasploit gives the accessibility of the attack code to security professionals as well as cybercriminals. As such, the integration of the CVE-2013-3893 exploit into Metasploit implies that there could be a surge in cyberattacks.

About the possibility of an increase in cyberattacks because of the CVE-2013-3893 exploit, Jaime Blasco - research team manager at security firm AlienVault - told PCWorld. "I'm sure if Metasploit includes this exploit we will see an increase on widespread exploitation."

Meanwhile, the PCWorld report has also revealed that the IE exploit - for which Microsoft is yet to release a permanent patch - has apparently been on the loose for the last three months. However, the majority of the attacks thus far have targeted organizations in Japan and Taiwan.

General: 
Companies: