Microsoft Explores Another IE Flaw After the Google Attack

Microsoft announces its aspiration to investigate another Internet Explorer flaw. This time the vulnerability is different from the one used to attack Google and the U.S. companies. As a result of this flaw, the IE users may loose their information by a fault of unknown disclosure. This can happen for those who run their browsers on some older operating systems.

For that reason Microsoft software specialist said in an advisory, that the vulnerability exists, but there were no attacks grounded of this hole in IE. The flaw is not connected to the Google attack which was announced earlier. This time the vulnerability could be exposed by malicious websites designed to take advantage of the Internet Explorer defect or to perform a web-based attack by compromising a website via malicious advertisement or the user-generated content. This may lead the user into constantly visiting the disreputable website.

Microsoft's announced concern about the new flaw in the Internet Explorer could affect those running Windows XP and IE on Windows XP. The software specialists notice, that those who run their browsers on Windows Vista and Windows 7 aren't vulnerable, because they run on a “protected mode” by default.

Nevertheless, McAfee spokesman Joris Evers also said, the latest issue doesn't allow the attacker to achieve full control of the operating system. However, this vulnerability can't be missed, because it can be crucial for the user's personal information or system information, which can be used in a follow up attack.

Microsoft also said it may take some time to investigate and release an update for this flaw as it was done during the latest Google attack. The software maker suggested an automated “Fix it” that can turn on the protected mode for those running IE 6.

More Vulnerabilities news

A Bug Found in OpenSSL

A “severe vulnerability” was found in the OpenSSL. Computer researcher's used software encryption package that allows them to rebuild a machine's confidential cryptographic key. The flaw in OpenSSL is important because the open-source package is used to protect sensitive data all over the world. Read more.

• Google Engineer Disclosed Window's DEP Flaw
• Be Careful With F1!
• Top 10 TLDs Used by Botnets For CnC
• Mistakes to Avoid on Social Networks
• New Windows Security Update Patches Critical Flaws
• Google Announced a New Bug Bounty Program
• Security Makers Use Adobe Avoiding Attacks on Windows PCs
• Trojan “Plays” With Install Files
• Fraudulent Firefox Update Spreads Via Zango Toolbar
• Security Companies Report Microsoft IE Flaw to be Known Since 2007

News categories

• Malware
• Spam and email
• Phishing
• Mobile security
• Vulnerabilities
• Security software
• Online security
• Security basics

Latest news

• Ashton Kutcher and Other Celebrities Caused 2009 Twitter Crime Wave
• New iPad Attracts Spammers
• How to Create a Secure Password?
• A Bug Found in OpenSSL
• Source Code is Stolen By Hackers
• Google Engineer Disclosed Window's DEP Flaw
• Top 15 Most Abused TLDs in February 2010
• Mariposa Botnet is Closed and Attackers Are Arrested
• Be Careful With F1!
• Fake Virus Total

Antispyware Software

• • Download Spyware Doctor
    
• • Download VIPRE Antivirus + Antispyware
    
• • Download Trend Micro AntiVirus plus AntiSpyware
    
• • Download Spy Sweeper
    

Subscribe