Last Thursday I blogged about a vulnerability in Internet Explorer. Microsoft has now released an update (MS08-078) in order to fix the issue.
By exploiting the vulnerability an attacker may be able to execute arbitrary code in vulnerable system with logged in user's privileges or cause denial of service. The vulnerability can be exploited by luring user to open specially crafted web site. Public method to exploit the vulnerability exists at least for Internet Explorer 7.
Vulnerability affects Internet Explorer versions 5.01, 6, 7 and 8 beta.
Easiest way to update is to use Microsoft update service.
More information can be read form Microsoft security advisory.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment