Microsoft Issues Internet Explorer Security Exploit Advisory
Still clinging to Internet Explorer? If so, be aware of a recently posted security advisory (2757760) alerting IE users of a vulnerability that could allow attackers to execute malicious code from a remote location. According to Microsoft, the the vulnerability affects affects IE6, IE7, IE8, and IE9 (IE10 is excluded).
"A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated," Microsoft explains. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website."
Microsoft said it's received reports of just a small number of targeted attacks so far. The software giant is working on a security update to plug up hole in IE, but in the meantime, there are several workarounds available. In addition to Microsoft's workarounds, users could always switch to an alternative browser (Chrome, Firefox, Safari) until things are sorted out.
"A remote code execution vulnerability exists in the way that Internet Explorer accesses an object that has been deleted or has not been properly allocated," Microsoft explains. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website."
Microsoft said it's received reports of just a small number of targeted attacks so far. The software giant is working on a security update to plug up hole in IE, but in the meantime, there are several workarounds available. In addition to Microsoft's workarounds, users could always switch to an alternative browser (Chrome, Firefox, Safari) until things are sorted out.
