|05 Jan 2011||#1|
Microsoft Confirms Critical IE Bug, Works on Fix
Although the company said it would patch the problem, it is not planning to rush out an emergency update.
That exploit used a technique revealed earlier this year by McAfee researchers that defeats a pair of important Windows defensive technologies -- ASLR (address space layout randomization) and DEP (data execution prevention) -- designed to stymie most attacks.
Users running IE7 or IE8 on Windows Vista and Windows 7 are less likely to be affected by a successful attack, Microsoft claimed, because those browsers include a feature called "Protected Mode" that prompts users before letting them install, run or modify certain operating system components.
Other browsers, including Firefox, Chrome, Safari and Opera, are not affected by the flaw.
The next regularly scheduled Patch Tuesday is Jan. 11, but because Microsoft usually updates the browser every other month, and just did so last week, it's possible the vulnerability won't be addressed until February.
Microsoft Confirms Critical IE Bug, Works on Fix - PCWorld
|My System Specs|
|Similar help and support threads for2: Microsoft Confirms Critical IE Bug, Works on Fix|
|Oracle confirms existence of another critical Java flaw||Security News|
|Microsoft Confirms Attacks Targeting Critical ASP.NET Vulnerability||News|
|Mozilla confirms critical Firefox bug.||Browsers & Mail|
|Mozilla confirms critical Firefox bug||News|
|Microsoft Confirms Attacks Targeting Critical 0-Day Office Excel Vulnerability||Microsoft Office|
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.
© Designer Media Ltd
All times are GMT -5. The time now is 03:36.