Hacker Posts Code for Attack on Older Versions of IE

Kara Reeder

PCs running older versions of Microsoft's Internet Explorer browser could be at risk of a new attack, thanks to an unidentified hacker who posted attack code to the Bugtraq mailing list, reports Computerworld.

 

The attack affects Internet Explorer versions 6 and 7. The article explains:

The flaw lies in the way Internet Explorer retrieves certain Cascading Style Sheet (CSS) objects ... For the attack to work, the hacker would have to lure a victim to a Web page that contained maliciously encoded JavaScript.

Although the code does not always work properly, it could be used to install unauthorized software on a victim's computer, says Symantec. While Symantec has not yet seen the attack being used by criminals, it:

expect[s] that a fully-functional reliable exploit will be available in the near future.

Not updating your software is a sure-fire way to become a victim of such attacks. For other tips on how to protect yourself, especially during this holiday season, check out this post on our Network Security Edge site.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data