[ news_security_news ]
Unpatched Hole Could Mean Trouble For IE Users
Chris Crum
Staff Writer
2006-09-20
 Insider Reports RSS Feed
Sophos warns of an unpatched hole in Microsoft software that allows hackers to exploit the way Vector Markup Language (VML) is handled.
Hackers can take advantage of this hole to install malicious code onto the computers of unsuspecting victims. Microsoft says that it plans to have a patch for the vulnerability by as late as October 10.
Users of IE 6 are advised to stay away from the porn sites. Silicon.com reports: Shady adult websites are among the first to exploit the IE vulnerability, Eric Sites, vice president of research and development at spyware specialist Sunbelt Software, wrote on a corporate blog. In one case, a malicious website used the exploit to install "epic loads of adware", according to Sunbelt. "The developers at Microsoft will be spitting feathers about yet another critical security problem being found in their code. What's worse, this is a flaw that is being exploited by hackers intent on installing malware on the computers of Windows users without any patch existing," says Sophos senior technology consultant Graham Gluley.
"This is now a race against time," he continued. "Even though reports of the exploit are so far limited, companies reliant on Internet Explorer would be wise to follow Microsoft's advice on ways to avoid this particular form of attack as it may be weeks before a patch from Microsoft is available."
People who use browsers that aren't Microsoft such as those with Macs and/or Mozilla Firefox need not worry about the flaw.
Tag: Microsoft, IE, security
Add to  Del.icio.us |  Digg |  Yahoo! My Web |  Furl
Get all the updates in RSS: 
About the Author:
Chris Crum is a staff writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
