IE 0 Day Exploit

12/12/2008 19:27

Microsoft reported a new "zero-day exploit" that affects most versions of the Internet Explorer browser. A zero-day exploit is a security vulnerability that is being exploited before the software vendor or public know that the issue exists. This particular exploit attacks flaws within Internet Explorer that can cause it to “exit unexpectedly, in a state that is exploitable”- in English: the attacker can take control of the computer.

Microsoft has documented security breaches with Internet Explorer 7, and has confirmed that the security vulnerability is present in Internet Explorer version 5 and higher. Microsoft is working on patch to resolve this issue, but it has not yet been released.

This exploit is dependent upon a user browsing to infected websites with Internet Explorer and cannot be triggered through email, instant messaging or other web browsers.

Until a patch is released and installed on your computers, this threat can be mitigated by taking the following steps:

  • Set your Internet Explorer security setting to “High” for the Internet zone. The following steps describe how to configure this:
    1. On the Internet Explorer Tools menu, click Internet Options.
    2. In the Internet Options dialog box, click the Security tab, and then click the "Internet" icon.
    3. Under Security level for this zone, move the slider to High. This sets the security level for all Web sites you visit to High. (Note: If no slider is visible, click Default Level, and then move the slider to High.)

NOTE: This may limit the features of some websites. If these sites are required for your business, exceptions can be made for them if you contact your IT provider

 

  • Use a browser besides Internet Explorer. Other browsers such as Mozilla’s Firefox and Google’s Chrome do not currently have this security vulnerability.

 

  • Limit browsing to sites required for work.

 

Once released, the patch for this security vulnerability should be distributed through your standard patching process.

Further information:

Microsoft Security Advisory

https://www.microsoft.com/technet/security/advisory/961051.mspx

In the news:

https://www.eweek.com/c/a/Security/UPDATED-Microsoft-Issues-Advice-on-Internet-Explorer-ZeroDay Attacks/

https://isc.sans.org/

Alternate Browsers (may require administrative provides to install)

https://www.mozilla.com/en-US/firefox/

https://www.google.com/chrome

https://www.opera.com/

Topic: IE 0 Day Exploit

Date: 07/07/2022

By: AnthonyHer

Subject: 출장마사지

Date: 07/07/2022

By: DavidTix

Subject: 娛樂城推薦


娛樂城推薦

Date: 07/06/2022

By: PhillipScobE

Subject: e-vätskor för elektroniska cigaretter

Date: 07/06/2022

By: AnthonyHer

Subject: 출장마사지

Date: 07/06/2022

By: RobertRok

Subject: 출장안마

Date: 07/06/2022

By: StewartOccum

Subject: 핀페시아


핀페시아

Date: 07/06/2022

By: DonaldTem

Subject: изработка на сайтове


Date: 07/06/2022

By: RobertRok

Subject: 출장안마

Date: 07/06/2022

By: Willardgroum

Subject: 출장안마

Date: 07/06/2022

By: RobertRok

Subject: 출장안마

1 | 2 | 3 | 4 | 5 >>

New comment