Feeds

New hacker peril for older IE versions

New species of unpatched bug bites IE6 and 7

The smart choice: opportunity from uncertainty

Internet Explorer users are at risk from a newly discovered and unpatched vulnerability in older versions of Microsoft's browser.

A security flaw involving a dangling pointer in Microsoft's HTML Viewer (mshtml.dll) creates a possible mechanism for hackers to crash the browser and inject malware, providing they can trick marks into visiting maliciously constructed sites designed to exploit the vulnerability. Poor reliability exploits targeting the flaw were posted on underground websites late last week. Better quality attacks are more than likely to follow.

Tests by Symantec have confirmed the 0-day flaw affects Internet Explorer 6 and 7. IE8 users are reckoned to be in the clear.

Surfers using older versions of IE (why the heck is anyone still using IE6 anyway?) are advised to disable JavaScript and to stay away from untrusted websites. Alternatively they could upgrade to IE8 or use an alternative browser instead.

More on the threat can be found in a write-up by the SAN Institute's Internet Storm Centre here. ®

The Essential Guide to IT Transformation

More from The Register

next story
LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more
First cross-platform version of cleaned-up OpenSSL fork
Think Google Glass is creepy? Wait until it READS YOUR MIND
Startup penetrates the mind of Glassholes
Bezos house 'on FIRE': Amazon in-app kiddy megabuck charge storm
FTC prepares boot for firm's ass in lawsuit
Victim of Tor-hidden revenge smut site sues Tor Project developers
But EFF lawyer says deep-web team 'no more liable' than web server makers
Chrome Remote Desktop adds Linux to supported OS list
Drive Debian from the confines of a Chromebook
Microsoft wants to lure biz users with fondleable Windows 8.1 'Apportals'
Custom Start Screens lump enterprise apps and data in one place
Google's lounge room invasion advances with Chromecast upgrade
Your tellie is about to mirror your Android
I've got 99 problems, but a Facebook boycott ain't one
If you're havin' Zuck problems, I feel bad for you son
Free Red Hat clone CentOS-7 is full of Linux Container love
All the glitter of RHEL 7 – without the price tag
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximizing your infrastructure through virtualization
Virtualization continues to be one of the most effective ways to consolidate, reduce cost, and make data centers more efficient.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.