Attack Code Posted for Internet Explorer

November 23, 2009

When newer versions of web browsers come out, most of us update and forget about it but some people continue to use the older versions for a variety of reasons.  Since they have been out for longer and may not benefit from more up-to-date protective measures, they are probably more vulnerable to hacking.

According to Computer World article, a hacker posted an attack code to the Bugtraq mailing list last Friday that could “be used to break into a PC running older versions of Microsoft's Internet Explorer browser.”

The main issue is that the code could be used to install unauthorized software onto a computer but it does not always work properly.  Symantec has confirmed that Internet Explorer 6 and 7 are affected which is significant considering that they “command close to 40 percent of the browser market.”

So far, Microsoft has not issued an emergency patch, but one is expected in the regularly scheduled security update on December 8, 2009.

Symantec did offer advice for avoiding major problems in the meantime: "To minimize the chances of being affected by this issue, Internet Explorer users should ensure their antivirus definitions are up to date, disable JavaScript and only visit Web sites they trust until fixes are available from Microsoft."

Share this article

Financial Services