Internet Explorer bug confirmed by Microsoft, offers a temporary fix

Microsoft has confirmed the presence of an unpatched vulnerability in all versions of its Internet Explorer (IE) browser, and has issued a warning that attackers can exploit by persuading users to visit a rigged web site.

The company acknowledged that the bug could result in the execution of remote code. The bug affects Internet Explorer versions 6, 7 and 8. Users can be exploited if they visit a web page hosting the exploit.

Microsoft claimed that IE7 or IE8 on Windows Vista and Windows 7 are less likely to be affected by a successful attack because they have a feature called ‘Protected Mode,’ which prompts users before letting them install, run or modify certain operating system components.

The technical advisory released by the company states that the vulnerability exists due to the creation of uninitialized memory during a Cascading Style Sheets function within Internet Explorer.

The newly discovered bug was first disclosed by the IT security firm Vupen on December 9. A video demonstration of an attack was posted by researchers on Tuesday.

Microsoft has then introduced a temporary fix for the bug called the ‘The Enhanced Mitigation Experience Toolkit 2.0 (EMET). The company also offers instruction on how to configure EMET to prevent attacks.

Until Microsoft releases a patch fixing the error, experts strongly encourage users to apply proactive protective security measures, such as keeping antivirus and antimalware software current. Numerous antivirus products incorporate behavioral protection, which are often easier to keep up to date than deploying a companywide patch.

Microsoft is working on a permanent fix for the problem.

Advertisements

One response to this post.

  1. Fix Computer Problems – How to Fix Computer Problems the Quick and Easy Way…

    Awsome stuff, thanks for sharing!! I tracked back to my site….

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: