You are here: silicon.com > Software > Security Strategy

Security Strategy

Microsoft issues security advisory for IE

Flaw not yet patched...

Tags: sec consult, security, internet explorer, ie

By Dawn Kawamoto

Published: 4 July 2005 08:30 BST

Microsoft has issued a security advisory for Internet Explorer, after a research firm published a working exploit to demonstrate how attackers could take advantage of the flaw.

The vulnerability, discovered by SEC Consult, mean that attackers could cause the browser to unexpectedly exit and execute arbitrary code. Versions of IE affected by the flaw include IE 6.0 on Windows 2000 with Service Pack 1, 3 and 4, and on Windows XP with Service Pack 1 and 2.

Microsoft said in its advisory: "Microsoft is investigating a new public report of a vulnerability affecting Internet Explorer. We have not been made aware of any attacks attempting to use the reported vulnerability or customer impact at this time. But we are aggressively investigating the public report."

A patch for the flaw is not available. As an interim measure, the software giant advises people to set their internet and local intranet security zone settings to "high" before running ActiveX controls.

The alert is part of a recently launched Microsoft programme to confirm reports of security problems and provide a workaround until a fix is delivered.

The discovery of this latest IE flaw comes two weeks after Microsoft released several "critical" security patches, including one for IE. Those patches addressed vulnerabilities that allowed for remote execution of code.

Dawn Kawamoto writes for CNET News.com

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure

  • Jobs
Security Consultant Ethical Hacking / Penetration Testing - London

Responsibilities: - Deliver security assessment services including network scanning, vulnerability testing, penetration testing, search engine ...

Web Applications Developer

We expect team members to keep abreast of developments in the field and exploit new technologies as and when required. For an application pack please ...

GBS-0088233 CRM Infrastructure Architect

Your responsibilities will include: - Working with IBM Strategy Consultants and Application Architects and our clients to explore optimal platforms ...

CIO50 2008
The silicon.com CIO50 2008 profiles the most influential and innovative tech chiefs in the UK across all industries and organisation size, from the biggest FTSE100 companies to high growth dot-com start ups and the public sector. The list was voted on by the UK CIO community and a panel of experts. Find out more in our latest special report.





Quick Sitemap Links: