toggle

AAPL Stock: 110.91 ( + 3.19 )

Printed from http://www.macnn.com

Microsoft issues security warning, urges IE update

updated 05:32 pm EST, Mon December 31, 2012

IE 6, 7, 8 affected by exploit. IE 9, 10 unaffected

Microsoft has issued a security warning for users of Internet Explorer versions 6 through 8. The vulnerability opens the possibility for remote code execution, and it is based on the way Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. This can lead to memory corruption, allowing malicious parties to run arbitrary code under the current user's profile. Microsoft is currently investigating the vulnerability and, as of December 31, has issued a patch -- MSHTML Shim Workaround -- that prevents the exploitation of the issue.

Internet Explorer versions 9 and 10 are not affected by the vulnerability. By default, Internet Explorer on Windows Server 2003, 2008, and 2008 R2 runs in Enhanced Security Configuration mode, mitigating the vulnerability. Likewise, all supported versions of Outlook, Outlook Express, and Windows Mail are protected, as they open HTML email messages in the Restricted sites zone. Users clicking links in email messages, though, could still be vulnerable to the exploitation.

Microsoft recommends that users of vulnerable software immediately download the MSHTML Shim Workaround patch -- available at the preceding link -- in order to secure their systems.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

Blue Yeti Studio

Despite being very familiar with Blue Microphones' lower-end products -- we've long recommended the company's Snowball line of mics ...

ZTE Spro 2 Smart Projector

Home theaters are becoming more and more accessible these days, but maybe you've been a bit wary about buying a home projector. And h ...

MSI Geforce GTX 970 100ME

When Nvidia announced a new line of video cards in September 2014, many people thought things would continue to be business as usual i ...

toggle

Most Commented