|
IT Developments
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
IE9 Blocks Malware, But Older Versions Are Vulnerable
- From: Brian Warkoczeski
- Date: Thu Dec 23 14:57:59 2010
IE9 Blocks Malware, But Older Versions Are Vulnerable
Barry Levine, newsfactor.com
December 23, 2010
It's one step forward and one back for security on Microsoft's Internet
Explorer browser. A new report from a security firm found that IE9 beta
offers "vastly" more protection from malware than other browsers, while
Microsoft on Wednesday issued a warning that there is a vulnerability in
IE 6, 7 and 8 that could allow someone to take remote control of the
computer.
The software giant said there is no evidence this vulnerability has
actually been used. Dave Forstrom, director of Microsoft's Trustworthy
Computing group, said Microsoft was "currently unaware of any attacks
trying to use the claimed vulnerability or of customer impact."
Cascading Style Sheets
The attack could be hidden as malicious code in a web page, and involves
the way computer memory is managed when the browser processes Cascading
Style Sheets. CSS is widely utilized to control how a page is presented.
Microsoft has issued updates to fix the memory management problem, but
now it appears the updates aren't completely effective. While it works
on a more permanent fix, the company has recommended the use of a free
Enhanced Mitigation Experience Toolkit that it offers. But, the company
said, "the issue does not currently meet the criteria" for an
out-of-cycle fix.
The company said IE Protected Mode on Windows Vista and Windows 7 "helps
to limit the impact" of this vulnerability. But according to some
security researchers, the vulnerability can be still exploited in
up-to-date Windows 7 and Vista computers.
For the rest of the article, please see:
http://news.yahoo.com/s/nf/20101223/tc_nf/76641
|
|
|
