Sponsor for PC Pals Forum

Author Topic: Microsoft investigates Internet Explorer flaw  (Read 1022 times)

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Microsoft investigates Internet Explorer flaw
« on: December 11, 2008, 22:18 »
Hackers are exploiting an unpatched security hole in Internet Explorer 7 to take control of computers, security experts have warned.

If an attacker successfully exploits the IE7 flaw, it could gain the same user rights as the computer owner and access any personal information.

Microsoft said it is investigating reports of the attacks. So far it has identified that attacks are against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008.

The IE7 flaw is one of three so-called 'zero-day' flaws that have been discovered this week. Zero-day threats are released into the wild before security vendors can issue protection against them. The other zero-day vulnerabilities impact Microsoft SQL Server 2000 and WordPad's text conversion feature.

Mary Landesman, senior security researcher at ScanSafe, said: "Zero-day exploits involving any widely used software are particularly concerning. When it impacts a browser as widely used as Internet Explorer, it can have serious implications. Predictably, attackers were very quick to add the IE7 exploit to their tool kit and we anticipate these attacks will escalate over the coming weeks."

Microsoft said it was aware only of "limited attacks that attempt to use this vulnerability" in IE7 but that on completion of its investigation, Microsoft would take the appropriate action to protect its customers, including possibly providing a solution through a service pack or via its monthly security update release process.

On the second Tuesday of each month, dubbed 'patch Tuesday', Microsoft releases security updates for its products. On 9 December, Microsoft released eight security patches to resolve a total of 28 vulnerabilities including fixes for Windows, Word, Internet Explorer, Excel and Office - but these did not address the IE7 flaw.

Customers are advised to enable a firewall, apply all software updates and install anti-virus and anti-spyware software.


Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Microsoft investigates Internet Explorer flaw
« Reply #1 on: December 11, 2008, 23:14 »
I wonder if that also affects 'overcoat' browsers, such as Avant?   :devil:
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Clive

  • Administrator
  • *****
  • Posts: 75153
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: Microsoft investigates Internet Explorer flaw
« Reply #2 on: December 12, 2008, 09:16 »
Heavens No!   :scoot:

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Microsoft investigates Internet Explorer flaw
« Reply #3 on: December 12, 2008, 09:42 »
:)x
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Microsoft investigates Internet Explorer flaw
« Reply #4 on: December 12, 2008, 10:32 »
Heavens, yes. :)
Slainthe!

Rik

Offline Simon

  • Administrator
  • *****
  • Posts: 77923
  • First to score 7/7 in Quiz of The Week's News 2017
Re: Microsoft investigates Internet Explorer flaw
« Reply #5 on: December 12, 2008, 10:52 »
Mozilla rules!  ;D
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Rik

  • Former Admin
  • *****
  • Posts: 26506
  • Ceud mille failte
Re: Microsoft investigates Internet Explorer flaw
« Reply #6 on: December 12, 2008, 10:53 »
I prefer a 2pt rule myself. ;)
Slainthe!

Rik


Show unread posts since last visit.
Sponsor for PC Pals Forum