Tuesday, October 21, 2014
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
China Denies Apple's iCloud Hack Allegations
Samsung Galaxy KNOX Devices Approved for U.S. Government Classified Use
iPhone 6 Demand Help ARM's Growth
SK Hynix Develops High Density 16GB NVDIMM
Samsung Mass Produces 8-Gigabit DDR4 Based on 20 Nanometer Process Technology
Strong iPhone, Mac And App Store Sales Drive Apple's Record September Quarter Revenue And Earnings
Apple iOS 8.1 Available For Download
E FUN To Relase $179 Windows tablet
Active Discussions
Copied dvd's say blank in computer only
How to generate lots of different CDs quickly
Yamaha CRW-F1UX
help questions structure DVDR
Made video, won't play back easily
Questions durability monitor LCD
Questions fungus CD/DVD Media, Some expert engineer in optical media can help me?
CD, DVD and Blu-ray burning for Android in development
 Home > News > General Computing > Microso...
Last 7 Days News : SU MO TU WE TH FR SA All News

Tuesday, November 24, 2009
Microsoft Confirms Zero-Day Exploit For Internet Explorer


A new exploit targeting Internet Explorer was announced by Microsoft yesterday, and Microsoft has released an advisory with information and workarounds.

According to Microsoft's investigation so far, Internet Explorer 5.01 Service Pack 4 and Internet Explorer 8 on all supported versions of Microsoft Windows are not affected, and that Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 are affected.

The vulnerability exists as an invalid pointer reference of Internet Explorer. It is possible under certain conditions for a CSS/Style object to be accessed after the object is deleted. In a specially-crafted attack, Internet Explorer attempting to access a freed object can lead to running attacker-supplied code.

Security firm Symantec has also confirmed that it affects Internet Explorer versions 6 and 7.

"The exploit currently exhibits signs of poor reliability, but we expect that a fully-functional reliable exploit will be available in the near future. When this happens, attackers will have the ability to insert the exploit into Web sites, infecting potential visitors. For an attacker to launch a successful attack, they must lure victims to their malicious Web page or a Web site they have compromised. In both cases, the attack requires JavaScript to exploit Internet Explorer," Symantec said.

The security firm suggests Internet Explorer users to ensure their antivirus definitions are up to date, disable JavaScript and only visit Web sites they trust until fixes are available from Microsoft.

On completion of Microsoft's investigation, the conmpany may include providing a solution through its monthly security update release process, or an out-of-cycle security update.


Previous
Next
Samsung Announces Special Prices For HDTVs        All News        Lite-On Releases New LabelTag Drive
Google Bought Display Ad Startup Teracent     General Computing News      Opera Unite Now Available in Opera 10.10

Get RSS feed Easy Print E-Mail this Message

Related News
Microsoft And Dell Puts Azure In A Box
Microsoft To Launch A Wearable Device Soon
Microsoft CEO Apologizes For Suggesting Women not Ask for Raises
Microsoft says Samsung owes Millions in unpaid Patent Royalties
Microsoft Wireless Display Adapter Connects Miracast Devices to HDTVs
Microsoft Releases New Arc Touch Bluetooth Mouse, PC Accessories
Microsoft To Hold Next-generation Windows Event
Microsoft to Buy Minecraft maker Mojang
Microsoft To Drop The Nokia Branding
Microsoft Azure Media Services Adds Live streaming, Content Protection and Indexing Services
Microsoft Launches Delve For Office 365
Microsoft Updates MSN

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .