Microsoft has warned of yet another serious vulnerability in Internet Explorer (IE), this time affecting the way the browser renders locally stored content.
The flaw could allow an attacker to steal user data through a specially crafted web page. The hole has yet to be patched, and Microsoft declined to give any further details.
Microsoft confirmed in a Security Advisory that the vulnerability is present in all versions of IE, but said that users running Protected Mode in IE7 and IE8 on Windows 7 or Windows Vista are not at risk.
The company considers only Windows XP machines and systems with Protected Mode disabled to be at risk.
Microsoft is investigating the flaw and is likely to release a patch next Tuesday as part of its monthly security update.
The warning is the latest in a string of bad publicity for Microsoft's browser. A zero-day flaw surfaced in January which sent Microsoft scrambling to issue an update, and led some security experts to recommend that users dump the browser entirely.
More recently, security firms have urged consumers and enterprises to swap IE6 for a more recent version of the software or a competing browser.
Microsoft warns of new flaw in IE
By
Shaun Nichols
on Feb 5, 2010 8:16AM
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Ingram Micro Ushers in the Age of Ultra
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Kaseya Dattocon APAC 2024 is Back
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Sponsored Whitepapers
-1.jpg&w=100&c=1&s=0)
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
.png&w=100&c=1&s=0)
