Microsoft Explores Another IE Flaw After the Google Attack
By Gina on February 4, 2010 | Vulnerabilities, Microsoft, flaw, Google attack, vulnerability
Microsoft announces its aspiration to investigate another Internet Explorer flaw. This time the vulnerability is different from the one used to attack Google and the U.S. companies. As a result of this flaw, the IE users may loose their information by a fault of unknown disclosure. This can happen for those who run their browsers on some older operating systems.
For that reason Microsoft software specialist said in an advisory, that the vulnerability exists, but there were no attacks grounded of this hole in IE. The flaw is not connected to the Google attack which was announced earlier. This time the vulnerability could be exposed by malicious websites designed to take advantage of the Internet Explorer defect or to perform a web-based attack by compromising a website via malicious advertisement or the user-generated content. This may lead the user into constantly visiting the disreputable website.
Microsoft's announced concern about the new flaw in the Internet Explorer could affect those running Windows XP and IE on Windows XP. The software specialists notice, that those who run their browsers on Windows Vista and Windows 7 aren't vulnerable, because they run on a “protected mode” by default.
Nevertheless, McAfee spokesman Joris Evers also said, the latest issue doesn't allow the attacker to achieve full control of the operating system. However, this vulnerability can't be missed, because it can be crucial for the user's personal information or system information, which can be used in a follow up attack.
Microsoft also said it may take some time to investigate and release an update for this flaw as it was done during the latest Google attack. The software maker suggested an automated “Fix it” that can turn on the protected mode for those running IE 6.
More Vulnerabilities news
Firefox 9.0 and four critical flaws fixed
Firefox 9.0 comes with a faster JavaScript engine but the main thing it brings is fixes to four serious vulnerabilities that affect its earlier versions (except v3.6). The security hole could allow an attacker to execute malicious code on a machine using a specially arranged web page. Firefox 9.0 version fixed flaw that enabled the hackers to access out-of-bounds memory areas. Moreover, Firefox 9. Read more.- Major flaw of Adobe Reader and Acrobat 9.x is patched
- Adobe Reader targeted again: Acrobat vulnerability
- From „White hat“ Charlie Miller was turned to „Black hat“
- Temporary remedy against Dugu
- Malware distribution tendencies 2011
- Mac OS X Lion flaw gives opportunity attacker changing victim’s password
- Flaws have been detected in Symantec Endpoint Protection Manager
- New IE bug may expose your cookies
- Secret is not revealed but Facebook’s flaw is repaired
- XSS flaw of Facebook is unpatched and explored for Wall posting
