Unpatched Internet Explorer Flaw Leaves PCs Vulnerable

Monday, December 27, 2010



Microsoft has issued a warning about a vulnerability in Internet Explorer that makes it possible for hackers to take control of a user's computer.

The flaw is present in IE versions 6 through 8,and will allow the injection of malicious code if a user visits websites designed to exploit the vulnerability by exploiting how the browser controls a computer's memory when processing the instructions for the presentation of a webpage, the Cascade Style Sheet (CSS).

"We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," said the director of Microsoft's Trustworthy Computing group, Dave Forstrom.

The flaw can allow a hacker to take direct control of a PC and execute commands without the owner's knowledge.

"As vulnerabilities go, this kind is the most serious as it allows remote execution of code. This means the attacker can run programmes, such as malware, directly on the victim's computer," Trend Micro's Rik Ferguson told the BBC.

Microsoft is studying the vulnerability in efforts to develop a patch to prevent the exploit.

Source:  http://www.ciol.com/Global-News/Global-News/News-Reports/MS-warns-about-flaw-that-makes-hacking-easier/145018/0/

Possibly Related Articles:
Microsoft malware Vulnerabilities CSS Remote Access Headlines Hacker Internet Explorer
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.