|05 Jan 2011||#1|
| || |
Microsoft Confirms Critical IE Bug, Works on Fix
Although the company said it would patch the problem, it is not planning to rush out an emergency update.
That exploit used a technique revealed earlier this year by McAfee researchers that defeats a pair of important Windows defensive technologies -- ASLR (address space layout randomization) and DEP (data execution prevention) -- designed to stymie most attacks.
Users running IE7 or IE8 on Windows Vista and Windows 7 are less likely to be affected by a successful attack, Microsoft claimed, because those browsers include a feature called "Protected Mode" that prompts users before letting them install, run or modify certain operating system components.
Other browsers, including Firefox, Chrome, Safari and Opera, are not affected by the flaw.
The next regularly scheduled Patch Tuesday is Jan. 11, but because Microsoft usually updates the browser every other month, and just did so last week, it's possible the vulnerability won't be addressed until February.
Microsoft Confirms Critical IE Bug, Works on Fix - PCWorld
|My System Specs|
|Similar help and support threads for2: Microsoft Confirms Critical IE Bug, Works on Fix|
|Oracle confirms existence of another critical Java flaw||Security News|
|Microsoft Confirms Attacks Targeting Critical ASP.NET Vulnerability||News|
|Mozilla confirms critical Firefox bug.||Browsers & Mail|
|Mozilla confirms critical Firefox bug||News|
|Microsoft confirms IE6, IE7 zero-day bug||Browsers & Mail|
|Microsoft confirms first Windows 7 zero-day bug||Browsers & Mail|
|Microsoft Confirms Attacks Targeting Critical 0-Day Office Excel Vulnerability||Microsoft Office|
|Our Sites ||Site Links ||About Us ||Find Us |
© Designer Media Ltd
All times are GMT -5. The time now is 03:49 PM.