Follow us on Twitter
Follow us on FacebookIE flaw puts Windows XP SP2 at risk
@ 2005/09/17flaw has been discovered in Internet Explorer that could enable a remote attack on systems running Windows XP with Service Pack 2, eEye Digital Security has warned.
The flaw, which also affects systems running Windows XP, is found in the default installations of Microsoft's IE, according to an advisory released by the security company on Thursday.
"The flaw is not wormable but allows for the remote execution (of code) with some level of end-user intervention," said Mike Puterbaugh, eEye's senior director of product marketing.
The discovery of this IE flaw comes just over a month after Microsoft issued a cumulative patch addressing three vulnerabilities for IE.
The new IE flaw also adds to another vulnerability, discovered last month, that affects systems using Windows XP SP2.
Microsoft's Windows XP with SP2 is designed to make it more difficult for attackers to run malicious software on users' computers.
A Microsoft representative confirmed that the company had received the report from eEye and said it will be investigating the issue. Because the details of the vulnerabilities have not been made public, users are not at risk of an exploit being developed to take advantage of the flaw, the representative said.
eEye has provided Microsoft with details about the flaw, but the security researcher does not release details to the public until a vendor has developed a relevant patch or issued an advisory.
The flaw, which also affects systems running Windows XP, is found in the default installations of Microsoft's IE, according to an advisory released by the security company on Thursday.
"The flaw is not wormable but allows for the remote execution (of code) with some level of end-user intervention," said Mike Puterbaugh, eEye's senior director of product marketing.
The discovery of this IE flaw comes just over a month after Microsoft issued a cumulative patch addressing three vulnerabilities for IE.
The new IE flaw also adds to another vulnerability, discovered last month, that affects systems using Windows XP SP2.
Microsoft's Windows XP with SP2 is designed to make it more difficult for attackers to run malicious software on users' computers.
A Microsoft representative confirmed that the company had received the report from eEye and said it will be investigating the issue. Because the details of the vulnerabilities have not been made public, users are not at risk of an exploit being developed to take advantage of the flaw, the representative said.
eEye has provided Microsoft with details about the flaw, but the security researcher does not release details to the public until a vendor has developed a relevant patch or issued an advisory.
Can you believe this! I just upgraded my system to SP2 and straightaway I have bumped into this news. Well this is horrifying news for any PC users considering that most of us are still travelling in the Windows bandwagon. Its now understood by me why people are promoting linux in such a big way noiwadays. With so many flaws coming up the life is indeed becoming difficult for people like us who have no other options but to use Windows.
17th September 2005, 03:18