New Internet Explorer Vulnerability Revealed by Microsoft   - 1,677 Views,

Summary: Microsoft has said this week that they are receiving reports of a newly-discovered vulnerability in some versions of Internet Explorer. According to Microsoft, the vulnerability can be exploited in one of four different ways, involving any one of WMF images, email attachments, link poisoning, or getting a user to view an email message in the Outlook Express preview pane.
  

Previous Article « Feds Propose Tax on Wifi Use!
Read Next Article » High School Students Busted After Drinking Sessions are Photo Blogged

New Internet Explorer Vulnerability Revealed by Microsoft        Follow Anne on Twitter     Friend Anne on Facebook

Microsoft has said this week that they are receiving reports of a newly-discovered vulnerability in some versions of Internet Explorer.

According to Microsoft, the vulnerability can be exploited in one of four different ways, involving any one of WMF images, email attachments, link poisoning, or getting a user to view an email message in the Outlook Express preview pane.

Explained Microsoft, “Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site. It could also be possible to display specially crafted Web content by using banner advertisements or by using other methods to deliver Web content to affected systems. In an e-mail based attack, customers would have to click a link to the malicious Web site, preview a malicious e-mail message, or open an attachment that exploited the vulnerability. In both Web-based and e-mail based attacks, the code would execute in the security context of the logged-on user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.�

That’s the bad news.

The good news is that this vulnerability affects only Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 5.5 Service Pack 2 on Microsoft Windows Millennium. And no others.

So if you are running either of these, gosh, time to upgrade!

Was this information helpful? If so, please leave us a review!

SHARE:
New Internet Explorer Vulnerability Revealed by Microsoft
SOCIAL:        Friend Anne on Facebook        Follow Anne on Twitter        Twitter Explained in Plain English
SEARCH:
       

Leave a Comment

Previous Article « Feds Propose Tax on Wifi Use!
Read Next Article » High School Students Busted After Drinking Sessions are Photo Blogged

Read more:

»  Microsoft Issues Security Advisory for Security Hole in IE6 and IE7

»  New Security Flaw in Internet Explorer, and How to Fix It

»  Microsoft Announces Web View Security Hole in Windows 2000

»  Download Internet Explorer - Why and Where

For additional similar stories check out our archives on Internet Explorer, Microsoft, Security

NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.

 

No Comments »

No comments yet.

RSS feed for comments on this post.

Leave a comment

Warning! All comments which contain URLs and are clearly just spam to generate a link back to the URL will be deleted on sight. Don't bother wasting your time!

If you are going to include a URL in your comment,
please keep it under 25 characters in length,
or use TinyURL to shorten it before including it in your comment.

Line and paragraph breaks are automatic, your email address is never displayed.

(required)

(required)


 
 This article first appeared on 2/8/2006
The Internet Patrol
Patrolling the Internet for You!