IE Zero-Day Exploit Disappears On Reboot

nk497 writes "Criminals are taking advantage of unpatched holes in Internet Explorer to launch 'diskless' attacks on PCs visiting malicious sites. Security company FireEye uncovered the zero-day flaw on at least one breached U.S. site, describing the exploit as a 'classic drive-by download attack'. But FireEye also noted the malware doesn't write to disk and disappears on reboot — provided it hasn't already taken over your PC — making it trickier to detect, though easier to purge. '[This is] a technique not typically used by advanced persistent threat (APT) actors,' the company said. 'This technique will further complicate network defenders' ability to triage compromised systems, using traditional forensics methods.'"

Re:Advanced Persistant Threat (APT)

[Anonymous Coward]

Seems kinda silly for Debian to have a command to intentionally go out and get those things...

Re:Advanced Persistant Threat (APT)

[Anonymous Coward]

Why? It's a very apt term.

Yay!

[jargonburn]

Another Windows problem that can be fixed by having the user restart his or her computer!