Jump to content

Microsoft Plans Patch For IE Hole

Guest thecableguy

Recommended Posts

Guest thecableguy

Microsoft is responding to what one security firm terms a "highly critical" flaw in Internet Explorer.

The software giant said it is planning to release a pre-patch advisory with instructions on avoiding the security problem.

Attackers could exploit a flaw in the "createTextRange()" method used by IE to control radio buttons, according to Copenhagen, Denmark-based Secunia Research, which first reported the flaw.

The security hole would enable malicious hackers to execute code when IE users visit a specially crafted Web site, according to an alert published by Secunia.

The flaw was confirmed on a fully patched version of IE 6.0 and Microsoft XP SP2, as well as IE 7 Beta 2 Preview released in January, according to the security company.

Microsoft's Security Response Center (MSRC) blog said the company is aware of the flaw and is investigating and plans to issue an advisory.

It reassured users of the IE 7 Beta 2 Preview who received the software at the Microsoft Mix06 conference held in Las Vegas earlier this week that they are not affected.

The Beta 2 release is an interim version coming between an earlier January Beta 2 and the final beta Microsoft plans to offer this summer.

Turning off Active Scripting will also prevent an attack, according to the blog entry. Outlook and Outlook Express e-mail users are not affected, according to Lennart Wistrand, the MSRC's program manager

<reprint from internetnews>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...