apply Microsoft’s latest IE patch as soon as possible,

Microsoft Releases Critical Patch For IE Zero Day Flaw

 Dec.   2008   Microsoft (NSDQ:MSFT) issued an out-of-band emergency patch Wednesday for a zero-day Internet Explorer vulnerability that has opened the door for hackers to install malware on susceptible computers without any user intervention.

The flaw, which is given the highest severity rating of critical, affects all versions of Microsoft’s IE Web browser. Specifically, Microsoft’s IE update affects versions of Windows 2000 for IE 5.01: XP, XP Professional, Server 2003 for IE 6; and XP, Server 2003, Vista, Server 2008 for IE 7. The vulnerability was reported after the release of Windows IE 8 Beta 2, but Microsoft still recommends in its advisory that users apply the patch.

The IE security problem is the result of a fundamental flaw in the browser’s data binding function, which ultimately leaves a hole in the memory space that can be accessed by remote hackers. Internet Explorer can then quit unexpectedly while in an exploitable state.

Unlike other exploits, users have only to visit a malicious site infused with Trojans or other malware in order to become infected. Hackers can also entice victims to visit a specially crafted site, usually via some kind of phishing or social engineering scheme, or place infected banner ads on legitimate Web sites.

Once users open an infected Web page, malicious downloaders are then installed on their computers, which are designed to record keystrokes and steal passwords, credit card numbers, or other financial information. The users’ computer could also become part of a botnet, an infected network of compromised computers, operated by a central command and control center.

Security experts strongly recommend that users apply Microsoft’s latest IE patch as soon as possible, which can be downloaded from the Microsoft Web site.

 

Advertisements
Previous Post
Leave a comment

1 Comment

  1. DEALING EFFECTIVELY with Computer Viruses, Spyware, etc., « Missing the point?

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: