Miles Associates LLC

Jim Miles – IT & IT Security Consultant – Web Sites for Growing Organizations

New IE 6 & 7 Security Advisory

Sounds like it is time to upgrade to IE 8; I have had no problems with IE 8, using it over the last several months:

Microsoft is investigating new public reports of a vulnerability in Internet Explorer. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.

Our investigation so far has shown that … Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4, and Internet Explorer 6 and Internet Explorer 7 on supported editions of Windows XP, Windows Server 2003, Windows Vista, and Windows Server 2008 are affected.

The vulnerability exists as an invalid pointer reference of Internet Explorer. It is possible under certain conditions for a CSS/Style object to be accessed after the object is deleted. In a specially-crafted attack, Internet Explorer attempting to access a freed object can lead to running attacker-supplied code.

At this time, we are aware of no attacks attempting to use this vulnerability against Internet Explorer 6 Service Pack 1 and Internet Explorer 7.

via Microsoft Security Advisory 977981: Vulnerability in Internet Explorer Could Allow Remote Code Execution.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: