Microsoft Warns of Attacks on Older IE Versions
Microsoft revealed that Internet Explorer (IE) 6, 7, and 8 are being electronically attacked by hackers exploiting a previously unknown vulnerability in the products. Theflaw is not found in new IE versions—IE 9 and IE 10—and Microsoft advises customers to upgrade to these versions when possible.
There’s just one problem, of course: IE 8 is the newest version that Windows XP customers can use.
“Microsoft is investigating public reports of a vulnerability in Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8,” a security advisory reads. “Microsoft is aware of targeted attacks that attempt to exploit this … remote code execution vulnerability.”
Microsoft currently offers a workaround via a Fix it solution called MSHTML Shim Workaround that prevents the exploitation. (The Fix it does not require a reboot, Microsoft says.) The firm says that it will provide a formal fix via its monthly security update release process, or with an out-of-cycle security update if needed.
According to security researchers at FireEye, the exploit uses a “heap spray attack” against IE using Adobe Flash. It is withholding technical details about the attack while Microsoft continues its investigation.
I have had the same issues with IE as Roncerr, it too hangs on the odd occassion, mostly when its on its first website of the day after switching on, which is frustrating. On the last rendition of the Winsupersite, I had weird things happen when I couldn't read the article unless I switched the compability on or off, if I did I couldn't leave a comment, it was either one or the other. No problem with that now though. I still use IE8 at work because I have to, they dont like us using Chrome etc. and of course I can't upgrade it. Chrome and Firefox etc, dont get off the hook so easily because of this, they too have their annoyances.
ReplyDelete