New IE 6 & 7 Security Advisory | Miles Associates LLC

23 Nov 2009 @ 10:49 PM

New IE 6 & 7 Security Advisory

Sounds like it is time to upgrade to IE 8; I have had no problems with IE 8, using it over the last several months:

Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that … Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 are affected.

The vulnerability exists as an invalid pointer reference of Internet Explorer. It is possible under certain conditions for a CSS/Style object to be accessed after the object is deleted. In a specially-crafted attack, Internet Explorer attempting to access a freed object can lead to running attacker-supplied code.

At this time, we are aware of no attacks attempting to use this vulnerability against Internet Explorer 6 Service Pack 1 and Internet Explorer 7.

via Microsoft Security Advisory 977981: Vulnerability in Internet Explorer Could Allow Remote Code Execution.

Tags

Categories: Security Posted By: jmiles
Last Edit: 23 Nov 2009 @ 10 49 PM

Email • Permalink

Responses to this post » (None)

Post a Comment

You must be logged in to post a comment.

Comment Meta:
RSS Feed for comments
TrackBack URI

$\/$ More Options ...

Register an account

Change Theme...

[Logged Out]
Login

Users » 4
Posts/Pages » 237
Comments » 15

Change Theme...

Void
Life
Earth
Wind « Default
Water
Fire
Light

About Jim Miles

Contact

Case Studies

Prioritized Approach to PCI