Center for Defense Information Compromised

Date:07.27.2009

Threat Type: Malicious Web Site / Malicious Code

Websense® Security Labs™ ThreatSeeker™ Network has discovered that the Center for Defense Information (CDI) Web site has been compromised.

The site is injected with a JavaScript code that exploits the latest Microsoft Office Web Components Control vulnerability, as shown below. The vulnerability is in the Internet Explorer ActiveX control used to display Excel spreadsheets (CVE-2009-1136).

The exploit code pushes a Trojan from hxxp://vicp.cc/. The Trojan has more than 50% detection. Note that Microsoft provides a workaround for the problem in their Fixit program.

Websense Messaging and Websense Web Security customers are protected against this attack.

•  Subscribe to this feed »