We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Microsoft admits IE 6 and 7 vulnerability

PC securityA new security hole in Internet Explorer 6 and 7 can be targeted via code on a poisoned website, Microsoft has warned. A successful attacker could install malware on a victim PC or run any other remote command.

The invalid pointer reference bug, described in Microsoft Security Advisory 981374, is already being hit by targeted attacks, according to Microsoft. The company only released a warning, rather than a patch to go along with its regularly scheduled Patch Tuesday. There isn't yet any fix or real workaround, but Internet Explorer 8 is not affected by the bug.

Microsoft also says that IE running under Protected Mode on Vista or Windows 7 will help mitigate the threat, and that the default IE configuration on Windows Server 2003 and 2008 also offers protection. For more details, see the company's MSRC post.

See also:

Internet browser reviews

PC security news, reviews, tips and walkthroughs

PC World

IDG UK Sites

Microsoft Band UK release date and price rumours, features and specs: Microsoft smartwatch unveiled

IDG UK Sites

Why Sony's PS4 2.0 update is every gamer's dream (well, mine at least)

IDG UK Sites

Watch new Grolsch ad that combines stop-motion & CG for majestic results

IDG UK Sites

Apple rumours and predictions for 2015: What to expect from Apple in 2015