You are here: silicon.com > Software > Security Strategy

Security Strategy

Microsoft issues security advisory for IE

Flaw not yet patched...

Tags: sec consult, security, internet explorer, ie

Printer Friendly Email Story RSS

By Dawn Kawamoto

Published: 4 July 2005 08:30 GMT

Microsoft has issued a security advisory for Internet Explorer, after a research firm published a working exploit to demonstrate how attackers could take advantage of the flaw.

The vulnerability, discovered by SEC Consult, mean that attackers could cause the browser to unexpectedly exit and execute arbitrary code. Versions of IE affected by the flaw include IE 6.0 on Windows 2000 with Service Pack 1, 3 and 4, and on Windows XP with Service Pack 1 and 2.

Microsoft said in its advisory: "Microsoft is investigating a new public report of a vulnerability affecting Internet Explorer. We have not been made aware of any attacks attempting to use the reported vulnerability or customer impact at this time. But we are aggressively investigating the public report."

A patch for the flaw is not available. As an interim measure, the software giant advises people to set their internet and local intranet security zone settings to "high" before running ActiveX controls.

The alert is part of a recently launched Microsoft programme to confirm reports of security problems and provide a workaround until a fix is delivered.

The discovery of this latest IE flaw comes two weeks after Microsoft released several "critical" security patches, including one for IE. Those patches addressed vulnerabilities that allowed for remote execution of code.

Dawn Kawamoto writes for CNET News.com

Add Comment Add comment  Printer Friendly Print story with   Email Story Email story  
In
Applications

Operating Systems

SOA/Web Services

Malware

Security Strategy


Reader Comments

Oh dear not again. Try using a fire wall
Anonymous

yet another reason to use firefox
Uvme

Click here to see all

Related Links

Microsoft's 'Patch Tuesday' targets six critical flaws

Microsoft: Another patch comes unstuck

Microsoft issues largest patch batch to date

New IE flaw rated as "critical"

Microsoft finds malicious attack flaw

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

Bob Tarzey Why you must rein in your power users When they do damage, it can be catastrophic to your business

Jon Collins Is losing a mobile device really such a big deal? How to minimise the damage to your business

UK ID cards rollout hit by delay as launch date revealed

Bletchley Park's World War Two codebreakers in their own words

'You're responsible for your own wi-fi security' say ISPs

'UK must up privacy safeguards following Phorm'

The top 10 technologies you need to plan for next year


  • Jobs
Application Access Engineer

You MUST be SC cleared Skills mandatory: Enterprise scale Infrastructure Topologies and Architectures; Enterprise scale application deployment ...

Information Security Manager - Midlands 2027P

The role includes development of information security policies, processes and procedures, contribution to information security strategy, managing a ...

Test Analyst -Automation, Life, Pension, Quality Centre QTP

Maintain automation scripts as part of the regression pack. Execute automation scripts as and when needed for projects and programme. (Test Analayst, ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.

CEO Dashboard Management: Why Creating Visual Reports You Can't Hide From Will Help...

Virtual Private Servers (VPS)

Looking for a fast payback? 10 Minutes with Free Tool Can Save Thousands

The Truth About Wasteful Spending on Software: How to Stop Giving Your Software Vendors...

Martin Brokers cashes in on back-up swap

VocaLink makes virtualisation pay

Sony Pictures sets sights on best IT Oscar

Co-op Group kicks "server sprawl" into touch

Arts Council gets tech troubleshooting boost

Torex tech treats Thorntons to quicker sales

Stories from the web...


ID card database: 500 names added in first month

Women in IT: Tech has an image problem

Tesco Mobile to get a taste of Apple's iPhone

Marketing chiefs: Are you spamming your customers?

IT skills shortage squashed by recession?

Users tell SAP: 'We need to talk more'




Quick Sitemap Links: