We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
Microsoft warns on IE browser bug
Browntoa
Posts: 49,620 Forumite
in Techie Stuff
probably best to use firefox or Google Chrome until its fixed
http://www.bbc.co.uk/news/technology-12067295
Microsoft has issued a warning about a serious vulnerability in all versions of its Internet Explorer (IE) browser.
If exploited by a booby-trapped webpage the bug would allow attackers to take control of an unprotected computer.
Code to exploit the bug has already been published though Microsoft said it had no evidence it was currently being used by hi-tech criminals.
A workaround for the bug has been produced while Microsoft works on a permanent fix.
Code injection
The bug revolves around the way that IE manages a computer's memory when processing Cascading Style Sheets - a widely used technology that defines the look and feel of pages on a website.
Hi-tech criminals have long known that they can exploit IE's memory management to inject their own malicious code into the stream of instructions a computer processes as a browser is being used. In this way the criminals can get their own code running and hijack a PC.
Microsoft has produced updates that improves memory management but security researchers discovered that these protection systems are not used when some older parts of Windows are called upon.
In a statement Microsoft said it was "investigating" the bug and working on a permanent fix. In the meantime it recommended those concerned use a protection system known as the Enhanced Mitigation Experience Toolkit.
Installing and applying the toolkit may require Windows XP users to update the version of the operating system they are using. But even if they do that some of the protection it bestows on Windows 7 and Vista users will not be available.
"We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," said Dave Forstrom, the director of Microsoft's Trustworthy Computing group, in a statement.
http://www.bbc.co.uk/news/technology-12067295
Microsoft has issued a warning about a serious vulnerability in all versions of its Internet Explorer (IE) browser.
If exploited by a booby-trapped webpage the bug would allow attackers to take control of an unprotected computer.
Code to exploit the bug has already been published though Microsoft said it had no evidence it was currently being used by hi-tech criminals.
A workaround for the bug has been produced while Microsoft works on a permanent fix.
Code injection
The bug revolves around the way that IE manages a computer's memory when processing Cascading Style Sheets - a widely used technology that defines the look and feel of pages on a website.
Hi-tech criminals have long known that they can exploit IE's memory management to inject their own malicious code into the stream of instructions a computer processes as a browser is being used. In this way the criminals can get their own code running and hijack a PC.
Microsoft has produced updates that improves memory management but security researchers discovered that these protection systems are not used when some older parts of Windows are called upon.
In a statement Microsoft said it was "investigating" the bug and working on a permanent fix. In the meantime it recommended those concerned use a protection system known as the Enhanced Mitigation Experience Toolkit.
Installing and applying the toolkit may require Windows XP users to update the version of the operating system they are using. But even if they do that some of the protection it bestows on Windows 7 and Vista users will not be available.
"We're currently unaware of any attacks trying to use the claimed vulnerability or of customer impact," said Dave Forstrom, the director of Microsoft's Trustworthy Computing group, in a statement.
Ex forum ambassador
Long term forum member
Long term forum member
0
Comments
-
google chrome
http://filehippo.com/download_google_chrome/
and firefox
http://filehippo.com/download_firefox/Ex forum ambassador
Long term forum member0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.1K Reduce Debt & Boost Income
- 455K Spending & Discounts
- 246.6K Work, Benefits & Business
- 602.9K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards