Microsoft Issues Security Advisory for Security Hole in IE6 and IE7
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

Microsoft has issued a vulnerability security advisory (#981374) for a security hole in Internet Explorer 6 (IE6) and Internet Explorer 7 (IE7) that could allow someone to remotely execute code on your PC – that is, to remotely operate your computer.

Explains Microsoft of the IE6 and IE7 vulnerability, “Microsoft is aware of a new vulnerability that affects Internet Explorer…. At this time, we are aware of targeted attacks attempting to use this vulnerability. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.”


The way that this vulnerability is most likely to be exploited, says Microsoft, is through creating a website designed to take advantage of the vulnerability, and then luring unsuspecting users to the site. “An attacker could host a specially crafted Web site that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the Web site. The attacker could also take advantage of compromised Web sites and Web sites that accept or host user-provided content or advertisements. These Web sites could contain specially crafted content that could exploit this vulnerability,” explains Microsoft.

Although both Internet Explorer 6 (IE6) and Internet Explorer 7 (IE7) are affected by this vulnerability; Internet Explorer 8 is not affected.

Microsoft has repeated exhorted their users to stop using IE6, and discontinued support of IE 6 last month, leading to the staging of a funeral for IE6.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

The vulnerability can only be exploited if Active Scripting is enabled on your system, so unless and until Microsoft issues an update to address this vulnerability, your best bet to protect against this vulnerability is to set your Internet zone security to “high” which disables Active Scripting. Says Microsoft, “Based on our investigation, setting the Internet zone security setting to High will protect users from the issue described in this advisory.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.