Microsoft investigates MSN Korea hack

Microsoft Corp. had to take part of its MSN Korea property offline earlier this week after hackers attempted to compromise a section of the site.

A hack into the site’s news section was discovered around noon local time on Wednesday and the news page was taken down for around 24 hours to fix the problem, MSN Korea Marketing Manager Yena Kim said Friday.

Kim confirmed that the hack was a so-called iFrame attack, which exploits a flaw in Microsoft’s Internet Explorer (IE) browser, but declined to give any further details. IFrame elements are inline floating frames in IE where content is displayed, according to Microsoft’s Web site. The software maker released a patch for an iFrame vulnerability in December.

The MSN Korea property is hosted by a third party and it was unclear whether the vendor’s servers were patched against the flaw.

Microsoft said it was not aware of any customers having been affected as a result of the hack, but it is continuing to investigate the incident. The company is co-operating with law enforcement agents and said it will take legal action against those responsible.

Related Download
What is an Application Delivery Controller Sponsor: Softchoice
What is an Application Delivery Controller
Download this white paper to learn the core services ADCs provide and its benefit to both users and application administrators.
Register Now