Threatpost posted a story that another malicious website has been discovered hosting an exploit for the zero-day vulnerability Internet Explorer patched by Microsoft last week
The vulnerability was discovered more than a week ago by researcher and Metasploit contributor Eric Romang, while monitoring infected servers hosting exploits for a pair of Java zero-day vulnerabilities discovered in August. Romang found similar HTML pages and a malicious Flash movie file serving up the Poison Ivy RAT.Another IE Exploit Targeting Defense Industry Discovered
He contributed to a Metasploit exploit module that was released on Monday. One day later, researchers at AlienVault discovered three more exploits targeting defense industry-related sites in the United States and India. These were dropping the PlugX RAT. All of the exploit activity is being attributed to Nitro, a group of hackers in China.
This activity prompted Microsoft to first issue recommended workarounds, followed by a FixIt solution that would temporarily mitigate the vulnerability until it released an out-of-band patch on Friday.