In a blog posting, McAfee chief technology officer George Kurtz explained that researchers for the firm have seen references to the code on mailing lists and that it has been published on at least one web site.An attacker could use the flaw to gain control over a user’s system by tricking them into visiting a rigged web page, he said.“The public release of the exploit code increases the possibility of widespread attacks using the Internet Explorer vulnerability,” warned Kurtz. “The now public computer code may help cybercriminals craft attacks that use the vulnerability to compromise Windows systems. Popular penetration testing tools are already being updated to include this exploit. This attack is especially deadly on older systems that are running XP and Internet Explorer 6.” Microsoft issued a security advisory on Thursday admitting that Internet Explorer could be used to allow remote code execution, and said it may release an out-of-cycle patch for the flaw.“At this time, we are aware of limited, targeted attacks attempting to use this vulnerability against Internet Explorer 6. We have not seen attacks against other versions of Internet Explorer. We will continue to monitor the threat environment and update this advisory if the situation changes,” noted the security update.The flaw has been taken very seriously by organisations across the globe, with the German government recommending its citizens use an alternative browser to IE until the vulnerability is patched.
Source: Copyright ©v3.co.uk
More in General (1 of 10 articles)
More in General (2 of 10 articles)
More in General (3 of 10 articles)
More in General (4 of 10 articles)
More in General (5 of 10 articles)
More in General (6 of 10 articles)
More in General (7 of 10 articles)
More in General (8 of 10 articles)
More in General (9 of 10 articles)
More in General (10 of 10 articles)
Inside the real Google I/O
Review: Livescribe Sky
Peeling the Onion: A look at the Tor Project
In Pictures: 'Destination Star Trek London'
Get advice on the best gear, take part in discussions with comments on blogs, news and reviews; post your
own reviews and tailor make your information specifically to your interests.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @pcauthority.com.au to your white-listed senders.
Click here to close this message