New risk to Internet Explorer users found

On Dec 16, 2008

According to ComputerWorld, Microsoft has confirmed a new security bug in Internet Explorer that lets hackers exploit this vulnerability to attack computers running the famous navigator of Redmond.

It is also seen that, the bug is found in all versions of Internet Explorer (IE5, IE6, IE7 and IE8 Beta 2), becoming a risk to users who surf the Net on Windows 2000, XP, Vista , Server 2003 and Server 2008.

Although, the company continued to downplay the severity of the threat, a spokesman of Microsoft told that “at this moment we only have a limited amount of warning of attacks that try to use this vulnerability against Internet Explorer 7″.

Microsoft also spelled out the root of the problem, saying that the bug is in IE’s data binding functionality, and not, contrary to earlier reports by independent security researchers, in the HTML rendering code.
Microsoft is already working on, and meanwhile, they recommend that you disable file Oledb32.dll (I think it has something to do with drag files and stuff) to cover the backs.
Danish security company Secunia ASP claimed that its research, which it said has been passed along to Microsoft, identified the vulnerability’s true nature.

Hopefully this new vulnerability in Internet Explorer is not massively exploited by hackers to take control of the computers of thousands of people around the world before they pull the appropriate Microsoft patch.

The important thing is that it has been localized, but still concerned that there is no official response on the part of the team responsible for the security of the browser from Redmond.

Source: Techno 360

How the BBC reported the IE security breach

Users of the world’s most common web browser have been advised to switch to another browser until a serious security flaw has been fixed.

The flaw in Microsoft’s Internet Explorer could allow criminals to take control of people’s computers and steal their passwords, internet experts say.

Microsoft is investigating the problem and preparing an emergency software patch to resolve it, it says.

Internet Explorer is used by the vast majority of the world’s computer users.

“Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer,” said the firm in a security advisory alert about the flaw.

Microsoft says it has detected attacks against version seven of the browser – its most widely used edition.

But the company warned that other versions were also potentially vulnerable.

Source: BBC