AOH :: IS1482.HTM

Microsoft offers workaround for IE7 flaw

Microsoft offers workaround for IE7 flaw
Microsoft offers workaround for IE7 flaw


http://www.gcn.com/online/vol1_no1/47747-1.html 

By Jabulani Leffall
GCN.com
12/16/08

A zero-day flaw in Internet Explorer 7 reported last week has sparked 
increased hacker activity, and now the attacks involve most versions of 
Microsoft's Internet browser. Still, Microsoft does not plan to issue a 
fix for the exploit until sometime next year.

The attack code originated on Chinese servers and initially only 
affected IE7, but it emerged that IE5.01, IE6, IE7 and IE8 Beta 2, have 
also been exploited.

On Monday, Redmond continued to investigate what it called "huge 
increases" in attacks exploiting the "critical" vulnerability in 
Internet Explorer. A blog post on Saturday explained that some of the 
attacks originated from compromised porn sites.

Microsoft is stressing that avoiding questionable Web destinations may 
not be an adequate defense in itself.

"This class of attack, along with other more classical forms of website 
intrusion, mean[s] that even trusted sites can end up serving malicious 
content, causing you[r computer] to get infected. Other researchers 
confirmed that attacks were increasingly coming from compromised Web 
sites," the blog said.

[...]


_______________________________________________      
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html

Site design & layout copyright © 1986- CodeGods