HOME
Technology
Life
Discover science
Medicine - Health
Event
EntertainmentNew security vulnerabilities cripple IE
Security firms all warned users on March 17 about a new serious security vulnerability in Internet Explorer that could cause the browser to cease to function if attacked.
This previously unknown and unpatched security error arises in the " mshtml " library when a malicious HTML tag along with an unusually large number of script processing objects ( script handlers ) is included. Browser. Thus, malicious attackers can completely cripple the browser by overflowing the cache.
Researcher Michal Zalewski was the first to describe the vulnerability through Bugtraq's secure email list. Besides, Michal also released a code that could cripple the IE browser patched with all the vulnerabilities on the Windows XP Service Pack 2 platform.
Symantec also warned customers of its DeepSight system that Symantec's employees had tested and validated Michal's code that it had the ability to cripple Internet Explorer in some cases.
Also yesterday, security firm McAfee also released a virus definition upgrade file that could detect IE attackers like Michal's code.
It can be said that IE is easily 'defeated' by attacking through this new security hole if the user accesses a bad website, simply because this security hole can be exploited. cascade with a single 'malicious' HTML tag.
However, Symantec also warned that this security vulnerability may be more serious than what we know today. ' We need to investigate in detail how to exploit this security vulnerability to determine if it can be exploited by executing malicious code .'
If this same vulnerability could be exploited by executing malicious code, IE would face a completely new threat of malicious attacks.
There are still no solutions or patches for this security hole. Microsoft has not yet had any plans for this security vulnerability.
' Before we get more detailed information about this security hole, users should be cautious about accessing the web and should only limit access to trusted sites, ' Symantec warned.
Meanwhile, Michal added that other browsers such as Firefox and Opera are not affected by this vulnerability and recommend users to use other browsers to replace IE.
- Trend of security vulnerabilities outstanding in 2006
- 5 common errors in managing security vulnerabilities
- Microsoft patched a series of serious vulnerabilities
- There is going to be a patch for serious Windows errors
- Microsoft summed up the year with 11 vulnerabilities
- Google: Web videos can cripple the Internet
- Mac operating system vulnerabilities are dangerous to users
- 10 hacker attacks left the most serious consequences in 2015
- Two new vulnerabilities were discovered in Firefox
- Appeared source code to attack Microsoft products
- AOL released a security application
- Microsoft patched 10 security holes
What is the Snapdragon SiP chip?
How to create a yellow circle around the mouse cursor on Windows
Edit the Boot.ini file in Windows XP
3 ways to restart the remote computer via the Internet