Mediumcube.com Blog Information about technologies at Mediumcube and our services

January 17, 2010

Critical Internet Explorer Vulnerability

Microsoft has issued an advisory advising of a 0-Day Exploit in Internet Explorer 6, 7 and 8 which could allow a remote attacker to install a trojan virus on a user system without their knowledge.

Microsoft is working on a solution, but has not  released one as of the time of writing this post. Due to the fact an already exploitable code is available on the web with no path in sight, it is highly recommended not to visited untrusted sites or to use a different browser than Internet Explorer until a patch is released.

More information can be found at:
http://www.microsoft.com/technet/security/advisory/979352.mspx

Possible workaround released by Microsoft (Enabling DEP):
http://support.microsoft.com/kb/979352

This is a very serious security threat. From the reports available, Anti-Virus softwares are not sufficient protection against this weakness.

UPDATE: Microsoft has released a patch for the the above vulnerability, however, a new exploit has been found with the same severity. Therefore, we highly recommend not to use Internet Explorer for the time being. The new advisory: http://www.microsoft.com/technet/security/advisory/980088.mspx

Powered by WordPress