New IE Flaw Open to Web Graphics, Patch May Come Next Month


Security firm Sophos is taking the seemingly drastic step of advising Web surfers to simply stop using Internet Explorer, according to a report at the Times Online, until a patch is released for a new vulnerability based on a graphics standard.


The flaw, which Microsoft says may not be resolved by the next Patch Tuesday, Oct. 10, is based on the graphics code Vector Markup Language. Not surprisingly, porn sites are using the bug to install spyware (they are usually the first to find any lucrative Web stunt, legitimate or otherwise).


Sophos warns that traditional firewall and anti-virus measures won't stop this attack, which could result in a total takeover of an infected PC by the hacker.


Microsoft, for its part, suggests that surfers not be logged on as admins for basic tasks such as Web surfing -- sound advice, but not a particularly reassuring response to a browser security alert.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.