[Security] Microsoft Security Advisory (917077)
Quote:
Microsoft Security Advisory (917077)
Vulnerability in the way HTML Objects Handle Unexpected Method Calls Could Allow Remote Code Execution
Published: March 23, 2006 | Updated: March 29, 2006
Microsoft has confirmed new public reports of a vulnerability in Microsoft Internet Explorer. Based on our investigation, this vulnerability could allow an attacker to execute arbitrary code on the user's system in the security context of the logged-on user.
Microsoft has been carefully monitoring the attempted exploitation of the vulnerability since it became public last week, through its own forensic capabilities and through partnerships within the industry and law enforcement. Although the issue is serious and malicious attacks are being attempted, Microsoft’s intelligence sources indicate that the attacks are limited in scope at this time.
The intentional use of exploit code, in any form, to cause damage to computer users is a criminal offense. Accordingly, Microsoft continues to assist law enforcement with its investigation of the attacks in this case. Customers who believe they have been attacked should contact their local FBI office or post their complaint on the Internet Fraud Complaint Center Web site. Customers outside the U.S. should contact the national law enforcement agency in their country.
Microsoft is completing development of a cumulative security update for Internet Explorer that addresses the recent “createTextRange” vulnerability. The security update is now being finalized through testing to ensure quality and application compatibility. It is on schedule to be released as part of the April security updates on April 11, 2006, or sooner as warranted.
Customers who follow the suggested actions and workarounds in this advisory are less likely to be compromised by exploitation of this vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code.
read more about it follow this link: http://www.microsoft.com/technet/sec...ry/917077.mspx
|
there is no patches release at this time, tip they do give is keep your anti-virus and firewall you using up to date.
IE 7 beta is cover for this only. IE7: "Click-here"
__________________
* altnews sources [getmo & others news] not found main FNN: realrawnews.com
*Discord: Unknown77#7121
Playing now days: EA Games> swtor [star wars old republic]
Last edited by Hellfighter; 03-30-2006 at 03:35 PM.
|