Life of a Jackal

Another day a new beginning

Big Internet Explorer Exploit

Microsoft has confirmed that a newly-discovered vulnerability exists in Internet Explorer that the security companies are calling "significant" and "highly critical." Of course, you won't find such scary language on Microsoft's milquetoast advisory page, but the vulnerability (for which researchers have released proof-of-concept exploit code), allows malicious web sites to run arbitrary code on victims' machines. No patch exists, but Microsoft says an effective workaround is to disable Active Scripting in IE and that Outlook and Outlook Express are not vulnerable.
more than 200 web sites
have been altered
by hackers to include malicious code to exploit it. Sites being seeded with infectous code include
small business sites that most users would never suspect of harboring malicious software. When an Internet Explorer user
visits such a site, all kinds of malware may be silently installed on their computers, including programs which steal
passwords and credit card numbers. Microsoft has yet to release a patch and likely won't for another two weeks when
Patch Tuesday rolls around. They're still advising users to disable Active Scripting, but Krebs is recommending much
more direct action that I echo: drop Internet Explorer and install Firefox or Opera.

Technorati Tags: , ,


March 29, 2006 - Posted by | Browsers, Web, Windows

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: