Microsoft warns of new IE zero-day attacks


  1. malexous
    Posts : 622
    Arch Linux 64-bit
       New #1

    Microsoft warns of new IE zero-day attacks


    Microsoft has raised an alarm for a new round of targeted malware attacks against a zero-day vulnerability in its dominant Internet Explorer browser. The vulnerability affects all supported versions of Internet Explorer and can be exploited to launch remote code execution (drive by download) attacks, Microsoft said in an advisory.
    ...
    MITIGATIONS:
    In the absence of a patch, Microsoft recommends that IE users:

    • Override the Web site CSS style with a user defined CSS
    • Deploy the Enhanced Mitigation Experience Toolkit
    • Enable Data Execution Prevention (DEP) for Internet Explorer 7
    • Read e-mails in plain text
    • Set Internet and Local intranet security zone settings to “High” to block ActiveX Controls and Active Scripting in these zones

    Instructions for deploying these mitigations are available in Microsoft Security Advisory (2458511).
    Microsoft warns of new IE zero-day attacks | ZDNet
      My Computer
    Quote Quote

  3. madtownidiot
    Posts : 1,741
       New #2

    They ought to just tell people to install firefox immediately after installing windows.. It has none of IE's ActiveX vulnerabilities. Cross-site scripting attacks don't work against firefox until flash and java are installed, and can be blocked permanently with noscript about 20 seconds after the first time FF connects to the internet
      My Computer
    Quote Quote

 

  Related Discussions
More - Microsoft Warns of Attacks Targeting the Windows Service Isolation Feature - - Softpedia
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 17:58.
Find Us