Tags: Microsoft

Microsoft announces existence of a new Internet Explorer Flaw

Flaws in Internet Explorer are not a new concept. The latest news in is that the world’s largest software company Microsoft has issued a security advisory for Internet Explorer. This was after a research firm SEC Consult published a working exploit to demonstrate how attackers could take advantage of the flaw. This flaw means that attackers could cause the browser to unexpectedly exit and execute arbitrary code.

Almost all the existing versions of Internet Explorer is vulnerable to this problem with IE 6.0 on Windows 2000 with Service Pack 1, 3 and 4, and on Windows XP with Service Pack 1 and 2 confirmed having the flaw. Microsoft reported in the security alert: “Microsoft is investigating a new public report of a vulnerability affecting Internet Explorer. We have not been made aware of any attacks attempting to use the reported vulnerability or customer impact at this time. But we are aggressively investigating the public report.”

The company is yet to make available a patch for this flaw but is expected to be available soon. Microsoft generally releases their patches on the second Tuesday of the month and the timing should suit the company to get the fix prepared for mass release. For the time being, Microsoft has advised the users of Internet Explorer to set their Internet and local intranet security zone settings to “high” before running ActiveX controls.

Of course, using an alternative browser like Opera and Firefox would be a great way to avoid being targeted by the malicious coders.