in all versions of Internet Explorer from 6 through 11! Yes, it went undiscovered that long; IE 6 was released in 2001, shortly after the launch of Windows XP. The flaw enables an attacker to bypass IE’s built-in protections against execution of downloaded code and manipulate the browser’s memory space to obtain the same privileges on the affected machine that its user has. Translation: If you run Internet Explorer, this bug could enable a hacker do almost anything on your computer. That's very bad. And you need to take action right away to protect yourself.
A hacker’s exploit that takes advantage of this vulnerability in IE versions 9 through 11 was discovered by FireEye. Although this specific exploit does not affect earlier IE versions (6, 7, and 8), they are still vulnerable to the underlying flaw. But as Ralph Nader might say, ALL versions of Internet Explorer should be considered "unsafe at any speed" until this problem is resolved.The malicious code is embedded in a Flash file that may be planted on a Web site. The malware is triggered when a user plays the Flash file. But keep in mind that even if you if you don’t have Flash installed (or you've disabled Flash), the vulnerability still exists and can be exploited in other ways. Microsoft acknowledge the vulnerability and “a limited number” of instances of its exploitation on April 27. The company promised a fix but did not specify whether the fix will be issued as soon as it’s ready or on the scheduled May 13 “patch Tuesday” when monthly security updates are made available via Windows Update. Note that there is no guarantee that a patch will be ready by May 13. Also note that Windows XP die-hards will not get a patch for this vulnerability. All support, including critical security updates, for that obsolete operating system ended on April 8. This is the first time that XP users will remain vulnerable to hackers while users of later Windows versions get patches. What Steps Should You Take? Computer emergency response teams (CERTs) in the USA, UK, and Sweden have advised Windows users to avoid using Internet Explorer until a patch is issued. Popular web browsers such as Google Chrome and Firefox are recommended as alternatives to Internet Explorer. Kindest regards <--- Gordon Smith ---> <[email protected]> Information Technology Accessibility Consultant; Proudly Providing Braille And Alternative Format Transcription Services, Plus Help & Support To The Staff And Students Of the Visually Impaired Department at Sunnyside Academy, Colby Newham, Middlesbrough! ======================================= To post to this group, please send your message to: [email protected] The Windows-Access E-Mail forum is guaranteed malware, spyware, Trojan, virus and worm-free To modify your subscription options, please visit your personalise subscriber options page, located at http://mail.tft-bbs.co.uk/mailman/listinfo/windows-access You can find an archive of all messages posted to the Windows-Access forum at either of the following websites: http://mail.tft-bbs.co.uk/pipermail/windows-access/index.html Or: <http://www.mail-archive.com/[email protected]> you may also subscribe to this list via RSS. The feed is at: <http://www.mail-archive.com/[email protected]/maillist.xml> --------------------------------------- [email protected]
