IE Vulnerability: Microsoft Quick Fix Issued

Microsoft security blog, Technet on Saturday released an advisory warning of a vulnerability in older versions of Internet Explorer, IE6,7 & 8, which could allow remote code execution through memory corruption in the browser.  The zero-day bug is reportedly being actively exploited in the wild to hijack users PCs, allowing attackers to execute malicious codes.

The company had announced a work-around, termed "fix it" to temporarily contain the exploits and have promised a permanent solution in its security update.

IE users are thereby recommended to be weary of unknown links within emails, as the exploits are only possible, when a user visits a maliciously coded website. And an attacker can only be successful if able to trick users into clicking the link.

Microsoft IE9 and 10 are free from the vulnerability, therefore users have nothing to worry about. But, ironically only Windows 7 and above can run this newer IE versions leaving the great majority of Windows users at the mercy of the bug.

Microsoft, however, has promised on coming-up with a permanent fix soon. Adding that Internet Explorer on Windows server 2003, 2008 and Windows server 2008 R2 runs in a restricted mode by default, which mitigates the vulnerability.
Next Post »