what is the word
Subscribe About Mail us
SciTech News - Microsoft fortifies security for IE 7

Microsoft fortifies security for IE 7
Microsoft on Tuesday released a patch for the security bulletin MS05-054, besides an update that patches three vulnerabilities in Internet Explorer browser. Microsoft on Tuesday released a patch for the security bulletin MS05-054, besides an update that patches three vulnerabilities in Internet Explorer browser.

Two of the vulnerabilities were categorized as "critical" by Microsoft while the other two were tagged as “moderate”.

One of them was a patch for the zero-day vulnerability which was announced by Microsoft.

Microsoft in its security bulletin stated: “An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.”

The vulnerabilities affect every version of IE that are currently supported, including IE 5.0, 5.5, and 6.0 on all editions of Windows.

The update also addresses Sony BMG's rootkit issue. The update will disable older versions of the Active X control of SonyBMG.

The critical issues relate to problem handling malicious COM objects of IE and another issue that cropped up with active scripting. Hackers, who exploit the problems, can remotely access a PC and misuse it.

Oliver Friedrichs, a senior manager at Symantec Security Response, said: “These vulnerabilities are increasingly being used to facilitate online fraud through the installation of malicious software on vulnerable computers.” He added: “Symantec has already seen exploits for some of these vulnerabilities in the wild and recommends that users apply the updates as quickly as possible.”

Neel Mehta, team lead of Internet Security Systems' X-Force group said, though vulnerability based attacks have been limited, he suggested that it was crucial for IE users to install the patch. He added: “It's not of epic proportions. But isolated attackers here and there have used it to install malware.”

The other critical issue lets an attacker keep track of all the websites a PC user visits. This can be done even if there are encrypted connections to the sites that are being visited. However, this happens only when the user accesses the Internet using a specific kind of proxy server.
Written by : Caron Armande | Published on : 08:21:00 EST Wed, 14 Dec 2005
Of interest »
» Google takes quick action against Desktop threat
» Firefox reaches landmark 100 million downloads
» Symantec report highlights shift in the nature of online criminal activity
» Mozilla unleashes turbocharged Firefox v.1.5
» Microsoft could issue emergency patch for Trojan exploit
» Microsoft Internet Explorer Home
» Firefox
» IE Blog

New News »





Something to say?

Title
Your Name

Your Email


Enter this code Below

  


© 2006 What is the word | All Rights Reserved
RSS Channels » Money | Showbiz | SciTech | Lifestyle | Travel | USWorld