Beware of a serious (yet unpatched) security flaw with Internet Explorer

by ron on July 7, 2009

Microsoft has posted a security alert saying that there is a serious security flaw with Internet Explorer.

This security hole allows an attacker to take control of a victim’s computer after clicking on a video link (via ActiveX), which then enables the attacker to run malicious code under the same rights of the local user.  Since most users run as local administrators, then this means that the victim’s computer can be seriously compromised.

This is not just a hole which may be potentially attacked in the future; it is already being attacked by malicious hackers as we speak.

Due to the severity of the problem, Microsoft suggest immediately applying the patch rather than waiting a week for the patch in the next Windows Update cycle.

You can also consider leaving Internet Explorer behind and using an alternate web browser such as Mozilla Firefox or Google Chrome.

[Update 2009-Jul-15: Firefox 3.5 has also been reported to have a very serious (yet unpatched) hole. ]

Share

{ 0 comments… add one now }

Leave a Comment

Time limit is exhausted. Please reload CAPTCHA.