Turn off the Ad Banner  

To print: Select File and then Print from your browser's menu.

    -----------------------------------------------
This story was printed from CdrInfo.com,
located at http://www.cdrinfo.com.
-----------------------------------------------

Appeared on: Sunday, April 27, 2014
Microsoft Acknowledges Vulnerability in Internet Explorer

Microsoft on Saturday said that it disovered "limited, targeted attacks" that attempt to exploit a vulnerability in Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11.

All versions of Internet Explorer from 6 through 11 are listed as vulnerable as well as all supported versions of Windows other than Server Core. Windows Server versions on which IE is run in the default Enhanced Security Configuration are not vulnerable unless an affected site is placed in the Internet Explorer Trusted sites zone.

The remote code execution vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. It may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.

Microsoft is investigating the vulnerability and exploit and has not yet determined what action it will take in response or when.

PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month.




Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2014 - All rights reserved -
Privacy policy - Contact Us .