Users at risk of IE bug, warns Microsoft
December 24th, 2010 - 12:47 pm ICT by ANILondon, Dec 24 (ANI): Microsoft has issued a warning about an Internet Explorer bug that might hack into and take control of unprotected computers.
Although Microsoft has already released a workaround solution for the bug, it is still working on the permanent solution, it said.
In the meantime, it recommended those concerned use a protection system known as the Enhanced Mitigation Experience Toolkit.
The bug revolves around the way that IE manages a computer’s memory when processing Cascading Style Sheets - a widely used technology that defines the look and feel of pages on a website.
Criminals can exploit IE’s memory management to inject their own malicious code into the stream of instructions a computer processes as a browser is being used.
Installing and applying the toolkit may require Windows XP users to update the version of the operating system they are using. But even if they do that some of the protection it bestows on Windows 7 and Vista users will not be available.
We’re currently unaware of any attacks trying to use the claimed vulnerability or of customer impact,” the BBC quoted Dave Forstrom, the director of Microsoft’s Trustworthy Computing group, as saying.
“As vulnerabilities go, this kind is the most serious as it allows remote execution of code. This means the attacker can run programs, such as malware, directly on the victim’s computer,” said Rik Ferguson, senior security analyst at Trend Micro.
He added, “It is highly reminiscent of a vulnerability at the same time two years ago which prompted several national governments to warn against using IE and to switch to an alternative browser.” (ANI)
- Microsoft warns about flaw that makes hacking easier - Dec 26, 2010
- Microsoft announces automatic upgrades for Internet Explorer - Dec 16, 2011
- Microsoft web browser faces security risk - Feb 01, 2011
- 900m Internet Explorer users at risk as Microsoft warns of security flaw - Feb 01, 2011
- Microsoft issues emergency flaw fix - Aug 03, 2010
- One in 10 computers vulnerable to cyber attack - Jul 23, 2010
- Almost all good news: 100 days of Windows 7 - Feb 07, 2010
- Google Resolves Several Problems For Chrome In New Version - Aug 22, 2010
- Apple asks Russian anti-virus firm to improve OS X security - May 15, 2012
- BLADE software eliminates threats of 'drive-by downloads' from Internet - Oct 07, 2010
- Chinese used 'flaws' in Microsoft explorer to hack Google - Jan 16, 2010
- Buy original software, Microsoft tells people in Lucknow - Apr 06, 2011
- Russian internet users double - Sep 24, 2011
- The IE9 Beta gets launched - Sep 21, 2010
- AV Security Suite: Wolf In The Clothing Of Lamb - Jun 08, 2010
Tags: attacker, cascading style sheets, computer processes, computing group, customer impact, dec 24, internet explorer bug, malicious code, malware, memory management, mitigation, national governments, permanent solution, rik, security analyst, senior security, trend micro, trustworthy computing, unprotected computers, vulnerability