New attack targets weakness in Internet Explorer

Blueprints showing attackers how to exploit a previously unknown security hole in versions of Microsoft's Internet Explorer browser recently were published online. The danger here is if IE users browse to a hacked or booby-trapped Web site that uses the exploit, that site could install malicious software.

Microsoft has not yet issued an advisory about this threat. According to initial reports from Symantec and vulnerability management firm VUPEN, the exploit works against IE 6 and IE 7 versions only. The vulnerability apparently resides in the way IE handles so-called cascading style sheet information (CSS), which a great many Web sites use to control the design and formatting of text and other site elements.

.
.

Now might be an excellent time for diehard IE users to either upgrade to IE8, or to try out another browser, such as Firefox or Opera.

http://voices.washingtonpost.com/securityfix/2009/11/new_attack_targets_weakness_in.html

any one using internet explorer? ;D
just who dont care about their security :wink:

So far, problem applies to XP only. When MS patches IE7, they really could do the world a favor by doing it for 6 also since this “hole” allows a hostile takeover. On the other hand, heed Superhacker.

I use IE as an addon (IE View Lite)with my Firefox. I only use it when a website is so fouled up that it is hard to read. However, I have IE 8.

That weakness isn’t present in IE8 therefore, if you are using IE simply upgrade to IE8.

Exactly… :slight_smile:


If you are using an MS OS, you have IE installed. So, like me, you should have updated to IE8 long ago.


IE7 & IE8 not compatible with old (98X, ME, etc.) OSs.


Of which no one should now be using since they are out-dated and insecure to use. This makes these OS’s doubly insecure as they would also be restricted to using the very insecure IE6 … or even worse, less than IE6.