http://www.theregister.co.uk/2010/03/29/ie_emergency_fix/ By John Leyden The Register 29th March 2010 Microsoft has announced plans to release an out-of-sequence patch, designed to resolve a zero-day vulnerability in Internet Explorer. A cumulative update to Internet Explorer (MS10-018) plugs a security hole in IE 6 and IE 7 exploit by hackers over recent weeks. The latest version of Microsoft's browser - IE 8 - is not vulnerable to the flaw, which Microsoft first acknowledged was a problem on 9 March. The vulnerability involves a flaw in the iepeers.dll library involving the handling of invalid values passed to the "setAttribute()" function. Exploits create a means to drop malware onto the PCs of victims, providing they visit booby-trapped website using vulnerable version of IE, as explained in our earlier story here. [...] ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Mon Mar 29 2010 - 23:32:59 PDT
This archive was generated by hypermail 2.2.0 : Mon Mar 29 2010 - 23:39:54 PDT