'State-sponsored attackers' using IE zero-day to hijack GMail accounts

By Ryan Naraine
June 13, 2012, 9:36am PDT

Summary: Microsoft’s advisory speaks of “active attacks” and follows a separate note from Google that references the IE flaw “being actively exploited in the wild for targeted attacks.”

Microsoft and Google have separately warned about a new Internet Explorer zero-day being exploited to break into GMail accounts.

The browser flaw, which is currently unpatched, expose Windows users to remote code execution attacks with little or no user action (drive-by downloads if an IE users simply surfs to a rigged site).

see full report