According to Fireeye, the web site for the Council on Foreign Relations was compromised and recently hit by a drive-by attack that was detected this month. The exploiters are suspected to be from mainland China. They exploited a zero day vulnerability in Internet Explorer at the most elite foreign policy group in America – the CFR.
According to Fireeye researchers, malicious content on the website was hosted by hackers whch is used as a ‘drive by’ that is exploiting the fully patched and allegedly secure (yea, right) Internet Explorer version 8.0 to take advantage of visitors to the CFR website. Fireeye has provided the information to Microsoft and has not released additional details hoping that Microsoft will be able to develop a patch to this issue for Internet Explorer 8.0 users.