We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Closing another IE security hole

Microsoft guards against denial of service attacks

Microsoft has issued a patch for an Internet Explorer bug that it said could overwrite files and eventually crash computers.

The vulnerability in the browser's Active Setup Download feature could enable malicious hackers or Web site operators to launch denial-of-service attacks, Microsoft says in a bulletin that accompanies the patch.

The Active Setup control detects which files are needed by users who are updating software and then downloads the relevant ones. It's supposed to check to see whether the files are digitally signed before downloading them and warn users if files aren't signed or are signed by someone who doesn't have proper authorisation, according to Microsoft.

But the mechanism has two flaws, Microsoft says. First, Microsoft-signed files are treated as trusted content, which means Internet Explorer will download them without asking for a user's approval.

In addition, the control allows download locations to be specified on a user's hard drive, which Microsoft says could give malicious attackers a tool for overwriting system files and rendering machines unusable.

However, Microsoft adds that attackers couldn't modify files or cause other damage to a computer other than crashing the system. The flaw affects Versions 4, 4.01, 5, and 5.01 of Internet Explorer, the company says.


IDG UK Sites

iPhone 6 review: best ever iPhone is very good... but no longer the best phone you can buy

IDG UK Sites

Why Apple and Samsung, Google and Microsoft's schoolyard spats make them all look stupid

IDG UK Sites

How to successfully bridge the gap between clients and creatives

IDG UK Sites

How to update your iPhone or iPad to iOS 8: including how to install iOS 8 if you don't have room ()......