0 Members and 1 Guest are viewing this topic.
Microsoft warned on Saturday that attacks targeting the vulnerability, which affects versions of its flagship browser on all supported versions of Windows, are becoming more widespread. The security bug first came to prominence a week ago, just before the latest edition of Microsoft's update cycle.At first the flaw was exploited in targeted Trojan attacks but it's now become much more widespread. Crackers have planted exploit code on warez and smut sites and, in some cases, legitimate sites through the use of website vulnerabilities. A popular search engine in Taiwan is among the victims.As a result an estimated one in 500 users worldwide have been exposed to the vulnerability, Microsoft estimates.
The vulnerability is confirmed in Internet Explorer 7 on a fully patched Windows XP SP3 and in Internet Explorer 6 on a fully patched Windows XP SP2, and reported in Internet Explorer 5.01 SP4. Other versions may also be affected.Solution:Do not browse untrusted websites or follow untrusted links.The vendor recommends disabling the use of Oledb32.dll. Please see vendor advisory for additional information.
Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed. The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say. Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.
The vulnerability is specifically targeted at surfers running IE 7, but it's also known to affect versions 5, 6, and 8 of the browser as well. All IE users are advised to install the update.Microsoft's emergency patch will become available Wednesday at 1 PM EST from auto-update and the Microsoft Download Center. A separate patch will be made available for those running IE8 Beta 2. ®