Hi malware fighters,
Chinese run the greatest risk of getting infected from the vulnerability in IE that became patched last Thursday. Alleged Chinese hackers used this exploit to compromise Google and some 30 different corporations. The market share of IE6 in China totals up to over 60%, while in the Netherlands around 10% of Internet users use the nine year old browser. Worldwide the Microsoft browser has a market share of some twenty procent. Partly this is because firms use it and are dependant on it for applications running on top of it and rolling out another browser version creates problems and costs, like in India where some 40% of the Internet population still is on IE6.
In the mean time the exploit is not only being used for directed attacks, but also targets end-users . Security vendor Symantec has found up the exploit code in India, Poland, China and Korea. But it is the Chinese end-user that runs the greatest risks, there are hundreds of websites with the exploit, overal 62% of sites with exploit-code are in Chinese, running on Chinese server. The attack is not 100% succesful and buggy, as is shown from an analysis:
http://www.symantec.com/connect/blogs/trojanhydraq-incident-analysis-aurora-0-day-exploit"But the exploit is lively dangerous and can be used succesfully to spread malicious software", according to Symantec's Andrea Lelli,
http://www.computerworld.com/s/article/9147299/IE_attacks_pose_small_threat_to_U.S._big_risk_to_Chinahttp://www.security.nl/popup/2531polonus
