Microsoft has revealed that there is another flaw in Internet Explorer, soon after the browser was found to be the weak link in a Chinese cyberattack on Google.
The flaw was demonstrated at the Black Hat security conference in Washington DC by researcher Jorge Luis Alvarez Medina.
Medina showed delegates that the flaw could be exploited to access every file on a PC. Microsoft said that the flaw affected versions of Internet Explorer from IE6 to IE8.
"At this time, we are unaware of any attacks attempting to use this vulnerability. We will continue to monitor the threat environment and update this advisory if this situation changes," Microsoft said in a statement.
"On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs," the statement continued.
Security experts were less than impressed with the news.
"It remains to be seen how quickly Microsoft can roll-out a proper fix for the problem, but hopefully it will be sooner rather than later as it does sound as though the vulnerability is trivial to exploit," said Graham Cluley of Sophos.
Topic: New Internet Explorer flaw outlined (Read 790 times)