CURSED BY ITS HAIRBALL CODE, Microsoft has released another security warning relating to a bug in Internet Explorer.
In a blog post on its technet website the firm said that the vulnerability, which has been disclosed elsewhere, would give hackers access to personal information.
Hackers would only need to redirect the user to a site containing malicious code for them to be affected. However, at present the Vole said that it would only affect those that had disabled Internet Explorer Protected mode.
Jerry Bryant, security communications manager, posted, "Customers running Internet Explorer 7 or Internet Explorer 8 in their default configuration on Windows Vista or later operating systems are not vulnerable to this issue as they benefit from Internet Explorer Protected Mode, which protects from this issue. Windows XP users, or users who have disabled Protected Mode, can help protect themselves by implementing Network Protocol Lockdown. We have created a Microsoft Fix It to automate this. The Fix It can be run on individual systems or enterprises can deploy it through their automated systems."
Graham Cluley suggested that Microsoft was making light of something that could prove to be an issue for many users. On his blog he wrote, "Of course it would be bad news if malicious hackers took advantage of this flaw, as there is no patch yet available from Microsoft. It remains to be seen how quickly Microsoft can roll-out a proper fix for the problem, but hopefully it will be sooner rather than later as it does sound as though the vulnerability is trivial to exploit."
Athough Bryant said that Microsoft was not aware of any attacks that make the most of the issue, it is working on a further update and will release that when it is ready. "As with any update, we have to balance overall quality and ensure application compatibility before we release it", he added.
Shorthand for 'after someone exploits it,' we reckon. µ
Sweet streams are made of these
'5Guarantee' all but guarantees a 5G iPhone
Firm Kracks down on WiFi flaw
Razring the stakes