[ news_security_news ]
Hackers Break Windows, IE
John Stith
Staff Writer
2005-11-30
 Security News RSS Feed
The security folks at Microsoft, via the Microsoft Security Response Center Blog, announced some additional problems with a previously announced vulnerability. New software exploiting the recently exposed Internet Explorer (IE) vulnerability made its appearance and Microsoft has updated the security bulletin as well.
They stated on the blog, "We've been made aware that there has been some malicious software exploiting the recently publicly disclosed Internet Explorer vulnerability. We have just updated our security advisory to reflect this new information, and wanted to let you know that you can visit Windows Live Safety Center if you think you might be infected as a result of this vulnerability. We encourage you to use the Complete Scan option to check for and remove this malicious software. Know that the IE team is hard at work on an update, and we will continue to investigate these public reports."
The vulnerability is in Internet Explorer (IE) for Windows 98, 98 SE, ME, 2000 SP4 and XP SP1 and SP2. Server 2003 and Server 2003 SP1 in their default configs with the Enhance Security Configuration on won't be affected. Microsoft is still recommending enabling a firewall, applying software updates and installing antivirus software.
If an attacker gets you to his website, then he can hook into your computer and have the same rights as the local user. Folks who operate with administrative user rights may have more problems.
The big issue though is that the code has been posted all over the web and many feel it's only a matter of time before an attack, most likely in the form of a denial-of-service attack.
Many security companies as well as Microsoft are advising folks to get all their updates, patches, etc.
About the Author:
John is a staff writer for SecurityProNews covering cyber security.
More news_security_news Articles
Security News RSS Feed
|
|
RSS
Archive
Contact Us
Advertise
