New Public Vulnerability Affects Internet Explorer 6 and 7 Users
Last week Microsoft announced that a new threat faces Internet Explorer 6 and 7 users. This publicly disclosed vulnerability, now with readily available exploit samples, allows for remote code execution within the rights of the current user.
The vulnerability lies within the iepeers.dll lbrary, and the currently recommended workarounds from Microsoft (disabling support for iepeers.dll or using ACLs to limit access) have significant usability issues for end users, including affecting printing, web folders and other MSHTML functionality.
There may be an out-of-cycle patch released for this issue, at least according to the most recent update from the Microsoft Security Response Center. The other significant public issue facing Internet Explorer users at the moment, the remote code execution vulnerability linked to help files is still without a patch or an expected patch date.
14 March 2010
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.
Subscribe to our feed.