Serious security flaw found in IE

by Julian Prokaza
on Tue 16 Dec 2008 2 Comments

Internet Explorer security advisoryBrowsing us with Internet Explorer? You might want to consider a temporary switch of browser. Microsoft's issued a Security Advisory, admitting the discovery of a, "vulnerability in Internet Explorer" that "could allow remote code execution."

Translation?  There's a large hole in IE that could lead to some teenage Russian with a bad case of malintent to take control of your computer and nab your passwords - or so we're told...

Internet Explorer isn't our browser of choice, but it still remains the software installed on the vast majority of Internet users' PCs. The threat is considered serious enough that even the BBC's picked up on it in today's bulletins.

First reports of the flaw actually came from users themselves. Since then, Microsoft has found it in IE 7.0 - but says the vulnerability is present in all versions. In its security advisory, its says it's, "continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer."

Software maker, Trend Micro has said up to 10,000 websites have already been compromised, serving up malware that, among other things, steals game passwords.

Microsoft's working on a fix, but in the meantime, we'd say Firefox, Opera and Safari are your friends.

[ Microsoft]

Originally published on www.mobilecomputermag.co.uk, now incorporated into Broadband Genie
© Dennis Publishing

Like this? Please share it!

Like Broadband Genie?




Comments

  • neutral

    by Mahesh the website designer at 16:27 on 16 Dec 2008Report abuse

    Speaking as a freelance website designer, this honestly is just more proof that Internet Explorer is a bag of spanners and is over ridden with flaws. Everyone browsing the web really deserves better. I would recommend people to download and switch to the free 'Firefox 3.0' as it really will make your web browsing more secure, faster and enjoyable.

  • neutral

    by anonymoose at 18:00 on 16 Dec 2008Report abuse

    NoScript is a free plugin for Firefox that filters scripts, and to my knowledge is the only such solution. I would never surf the web and allow unrestricted website scripts to run through my browser.

    Most web sites rely on Java, Flash, and Javascript to present their content. unfortunately, even "trusted" websites usually present cross-scripts (in the form of "ads") from other sites which they neither monitor nor control.

    It is these cross-scripts which is the major vulnerability for all browsers, and through which malicious code is introduced to computers.

    NoScript filters all scripts by default and then presents a list of scripts to the user. The user chooses which ones to permit. Even keyboard redirecting scripts are caught (no browser in the world has this level of security).

    I would never surf without NoScript (in Firefox).

Add your comment now

Post a reply to this thread

 

 

Please describe your emotions in making this comment:


Powered by reCAPTCHA

Unless you are a verified user, comments will be moderated before they appear. Comments submitted entirely in capital letters, containing advertising or excessive swearing will be rejected; please try to be polite. The best comments are relevant, factual and balanced; think about all aspects of the package, such as speed, connection quality and customer service. We reserve the right to edit comments.