Jump to content

Internet Explorer Vulnerability (Again)


gi7omy
 Share

Recommended Posts

Yesterday we reported on a new critical flaw in Microsoft's Internet Explorer (IE) that allows hackers to circumvent the operating system and take control of MS Windows. In most instances, a Trojan is deployed on affected systems and spyware is installed. The flaw affects users of Windows XP through Windows 7.

 

Microsoft recently acknowledged the vulnerability's existence, and has provided a limited workaround for the issue.

Internet Explorer Flaw "Not Serious Enough" to Warrant Emergency Patch

 

The Internet Explorer flaw was discovered earlier this month by a French security company, but Microsoft says the flaw isn't serious enough to declare a software state of emergency.

 

"The issue does not currently meet the criteria for an out-of-band release," said Microsoft Security Response Center representative Carlene Chmaj. "However, we are monitoring the threat landscape very closely and if the situation changes, we will post updates." (Source: http://www.computerworld.com)

 

As Microsoft noted when reports of the flaw first emerged, there haven't yet been any attacks using the exploit. The flaw is related to Internet Explorer's HTML engine, and affects Internet Explorer 6, 7, and even IE8. (Source: http://www.bbc.co.uk)

Workaround Tool for Advanced Users

 

While Microsoft works on a patch (presumably for January's Patch Tuesday release), it says users can limit their chances of being affected by the issue by configuring the Enhanced Mitigation Experience Toolkit (EMET) to raise IE's defenses.

 

The Enhanced Mitigation Experience Toolkit can be downloaded for free from Microsoft's site. That said, this tool is specifically designed for advanced users, which makes the workaround less than applicable for everyday Internet Explorer users.

 

Rival browsers Mozilla Firefox, Google Chrome, Apple's Safari and Opera are reportedly not affected by the flaw

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...