Internet Explorer 9 haunted by 'critical' security vulnerabilities


Recommended Posts

Internet Explorer 9 haunted by 'critical' security vulnerabilities

By Ryan Naraine | October 11, 2011, 12:03pm PDT

Summary: Microsoft fixes drive-by download flaws in the latest version of its dominant Internet Explorer browser and warns that exploits could emerge within 30 days.

Microsoft's shiny new Internet Explorer 9 browser contains critical security vulnerabilities that expose users to drive-by download attacks, the company warned today.

According to Microsoft, the IE vulnerabilities could be exploited if a user simply surfs to a maliciously rigged website.

The IE update (MS11-081), available for all users or Microsoft Windows and all versions of Internet Explorer, covers at least eight documented security holes in the world's most widely used browser.

The most severe vulnerabilities could allow remote code execution if a user views a specially crafted Web page using Internet Explorer. An attacker who successfully exploited any of these vulnerabilities could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The update fixes the vulnerabilities by modifying the way that Internet Explorer handles objects in memory and the way that Internet Explorer allocates and accesses memory, Microsoft explained.

Microsoft is urging all Windows users to treat this with the utmost priority because of the likelihood of reliable exploit code within 30 days. Malicious hackers typically reverse-engineer the patches to identify the flaws and write exploits immediately to launch malware attacks.

Story here: http://www.zdnet.com...le_skin;content

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...