Microsoft has confirmed that a new vulnerability has indeed been found in IE6, IE7 and IE8. The vulnerability can be used to launch targeted attacks on the users of these versions.
1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading...

Although Internet Explorer no longer holds the crown of being the most widely-used browser, it still commands a mighty user base. Thus, it is bad news for these users that Microsoft has confirmed a new vulnerability in the earlier versions of the browser.


IE vulnerability

The vulnerability is currently being actively used by hackers to launched targeted attacks against Internet Explorer users. Although IE9 and IE10 users are safe, those using IE6, IE7 and IE8 are vulnerable to such targeted attacks.

For now, the software giant hasn’t released any patch to cover up the security flaw. It did release a Security Advisory note, though, which goes on to raise awareness regarding the vulnerability and suggests ways to minimize the damages that may be incurred due to this loophole.

According to Dustin Childs of Microsoft Trustworthy Computing, “Microsoft released Security Advisory 2794220 to provide customer awareness of a vulnerability affecting Internet Explorer versions 6, 7, and 8. While we actively work to develop an easy, one-click Fix it solution and security update for this issue, we strongly encourage that customers apply the mitigations and workarounds described in the advisory.”

This new vulnerability first came to light when the website of Council on Foreign Relation was hacked. The attackers used a JavaScript to load an Adobe Flash file which ultimately launched a heap spray in IE. This led to the downloading of a new file named ‘xsainfo.jpg.’

For now, Microsoft is recommending that such users who are using the IE versions containing this vulnerability should disable Flash ActiveX control in their browsers and disable Java. Such users who can upgrade to more recent versions of Internet Explorer must do so instantly.

Source: Microsoft

Courtesy: TNW

Buy Cheapest Related Product From Amazon.com


Year End Deal On Lenovo ThinkPad X1 Carbon Touch Ultrabook, Save $179.88

Sony May Unveil New Smartphone ‘Xperia Z’ At CES 2013
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On December 30, 2012(3 years, 9 months ago.)

You May Also Like:

What Do You Think?

Leave a Reply




Loading Facebook Comments ...

FTC Disclosure: Some of the links of this website are "affiliate links." This means if you click on the link and purchase the item, we will receive an affiliate commission.


Recent Search

Recent Tutorials

There is a high-risk XSS Vulnerability in W3 Total Cache, and we have got the guide to the fix for you.
Check out this tutorial to know how to install Apple watchOS 3 beta certificate on your Apple Watch and start enjoying the new version.
If you are trying to jailbreak iPhone, iPad or iPod on iOS 9.2 - 9.3.3 without using a computer or Apple ID, then check this video tutorial.
Pokemon Go users are complaining about the crashing and server issues. Check out the tutorial to solve error problems and thanks us later.
Turning off Wi-Fi Assist is a great way to save mobile data since it automatically starts using cellular data when Wi-Fi signal is poor .
If you want to secure your SIM card from others using it, then check out this tutorial to know how to set up the SIM Pin code on your iPhone.
CiderTV is a great alternative to control Apple TV from the Notification Center. Check out this tutorial to set up CiderTV on your iPhone.
Are you annoyed by the split screen mode on the iPhone 6 Plus or 6s Plus? Check out this quick tutorial to turn off split screen feature.
If you could not wait to installed the iOS 10 beta version on you iPhone and now struggling for the errors, then this tutorial is for you.
Siri might not understand the question you asked. But you can use Siri by editing the text that you asked & it will give an updated answer.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook