Drag-and-drop security error in IE

Security experts have warned about security issues in drag-and-drop functionality of Internet Explorer.

This error facilitates malicious code intrusion and then the hacker can fully control the computer. This error affects most IE browser versions from 5.01 to 6.0.

Drag-and-drop functionality is one of the most popular Windows utilities. Now, this feature can be dangerous for many users' computers. In August 2005, Microsoft announced the possibility of being drag-and-drop in IE. On Monday, Websense also announced that some websites have taken advantage of a flaw in Microsoft's drag-and-drop feature to attack users.

Users are easily fooled to perform drag and drop operations when accessing these websites. As soon as they release the mouse, the malicious code silently works and infects your computer. It is difficult for anti-spam and anti-spam programs to detect these codes because they are generally 'legalized'.

Patch

Microsoft said it could not immediately release the patch, however, the patch for the bug will definitely be available in Windows 2003 service pack 2 and Windows XP service pack 3.

The SecuriTeam website, where the notice of the above security error has been issued, has also provided three methods for prevention. You can go here to see the full text. If you have a preliminary knowledge and good English, you can apply one of these three ways to prevent it. Otherwise, the most useful advice is to upgrade antivirus and firewall programs.

Microsoft has not yet evaluated this as a serious error, and therefore, in the release of this periodic patch this month, they will release patches for Windows Media Player, Microsoft Office and some other Windows errors.

TRAN HUY