Over the last few days, Websense has been identifying and protecting its customers – your clients – from a new Windows Vector Markup Language (VML) zero-day vulnerability. The potential risks to customers not protected by Websense are high.
Key points about the VML vulnerability
- There is no patch available for this Internet Explorer exploit, it is expected to quickly spread to thousands of websites as soon as this weekend. No patch is expected from Microsoft until October 10th.
- WebAttacker, a commonly known spyware toolkit, has been recently been updated with new code and is being used to take advantage of a bug in the way IE handles VML.
- Websense has identified more than 10,000 websites infected with the malicious WebAttacker toolkit.
Here's how your Websense customers are protected against this threat
- Websense solutions block access to malicious websites and provide constant updates via Real-Time Security Updates.
- Websense identifies the software associated with Trojan Horses and other malicious applications, preventing the malicious software from running and propagating or updating.
- Websense Security Labs continues to monitor the situation, and updated information can be found at www.websensesecuritylabs.com
What is the media saying
Listed below are recent news articles about the VML vulnerability.
Type Éditeur de solutions
Rss
PDF
Salle de presse