New serious vulnerability threatens IE
For the second time in a week, hackers found a new vulnerability in Microsoft's IE browser that could be exploited to run unauthorized software on Windows computers.
For the second time in a week, hackers found a new vulnerability in Microsoft's IE browser that could be exploited to run unauthorized software on Windows computers.
Source: Security
The latest vulnerability, announced on April 29, allowed an attacker to take control of the Windows system and was classified as "High Risk" by the Security Website FrSIRT.
Although the "proof-of-concept" code indicates how to exploit this vulnerability has been published, making the vulnerability even more dangerous, but not without "cooling down" factors. First of all, an attacker must trick users into visiting a fake Web site and then ask them to do certain tasks, such as writing a text in Box, etc. before it can activate malicious software.
Also, the other good news is that this vulnerability does not affect the latest Windows versions and Windows Servers 2003.
No patch yet
Because of these limitations, Microsoft decided not to release emergency patches.
" The vulnerability cannot be exploited if the user does not manipulate a variety of activities. This is not common when browsing the Web. Therefore, we decided that the problem would be solved by a Service. Pack instead of a monthly update patch, "Microsoft said.
If you do not want to wait for the next Service Pack to be released, users can avoid the risk by changing IE's security settings. However, it may prevent IE from displaying correctly ActiveX-based websites.
IE continues to be the main target of hackers, with Microsoft having to release more than a dozen patches in the latest security update on April 11. Last Sunday, expert Michael Zalewski published detailed information about a similar serious flaw in IE. Secunia has rated this vulnerability "highly critical".
Thien Y
- Microsoft Word vulnerability becomes
- AOL patched the image search vulnerability
- Apache has a dangerous vulnerability
- Google Desktop vulnerability before the new attack
- New vulnerability in Skype threatens users
- Internet Explorer may crash because of a new vulnerability
- $ 12,000 for a vulnerability in Vista or IE7
- A new vulnerability has appeared in Vista
- Windows has never seen a dangerous zero-day vulnerability
- A new zero-day vulnerability appears in PowerPoint
What is the Snapdragon SiP chip? How to create a yellow circle around the mouse cursor on Windows Edit the Boot.ini file in Windows XP 3 ways to restart the remote computer via the Internet Vietnam computer market: Looking back a year How to restore deleted applications on Android How to increase the capacity of C drive on Windows 10, 8, 7 ... 8 security features of Windows operating system