We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
79,814 News Articles

Exploits posted for latest Internet Explorer bug

A familiar tale of woe

Hackers have discovered a vulnerability in Microsoft's popular IE (Internet Explorer) browser, and have released code that could be used to attack users of the program.

The vulnerability is similar to a bug that Microsoft patched last month in a multimedia component of IE, according to Vincent Hwang, group product manager with Symantec's security response team.

Though a sample exploit of the vulnerability was posted on Wednesday by hackers on the xsec.org website, Symantec has yet to see the code used in any attacks, according to Hwang.

To take advantage of the exploit code, attackers would first need to trick users into viewing a maliciously encoded web page. They could then run unauthorised code on a victim's computer.

It is unclear right now which versions of Windows and IE are affected by the vulnerability. Researchers at Secunia said they were able to create a "fully working" exploit for the latest version of Windows XP running IE 6.0. Windows 2000 users are also vulnerable, Secunia said.

Microsoft security researchers were unavailable to comment on the issue, but a spokesman for the company's public relations agency said the matter was under investigation.

Symantec calls the bug 'critical', and Secunia rates the issue as 'highly critical', its most severe rating. The Secunia alert can be found here.


IDG UK Sites

The 30 best TV shows on Netflix UK: Our pick of the best programmes you can watch right now

IDG UK Sites

Nostalgia time: Top 10 best selling mobile phones in history

IDG UK Sites

VFX Emmy: Game of Thrones work garners gong for Rodeo FX

IDG UK Sites

Apple 13-inch MacBook Pro with Retina review (2.6GHz, 128GB, mid-2014)