Security Flaw Leaves All Microsoft Internet Explorer Users Vulnerable

CYBERSPACE — A new security hole affects all versions of Microsoft's Internet Explorer, leaving users of the leading web browser vulnerable to attack on a wide array of compromised websites.

Two online security firms have reported that hackers have broken in an unspecified number of websites and added malicious code that exploits the vulnerability in MS IE. Once installed, the virus starts stealing sensitive user data.

Online security firms Security Fix and SANS Internet Storm Center both reported on the vulnerability, which is linked to a specific file associated with MS IE. Microsoft also released an advisory, saying that the vulnerability is present in all versions of MS IE from version 5 onward.

But Washington Post tech security writer Brian Krebs noticed that some of the safety precautions recommended by Microsoft don't work quite right.

"Microsoft recommends enabling a feature called 'data execution prevention,' by clicking 'Tools,' 'Internet Options,' then 'Advanced,' and then checking the box next to that option," he said. "However, when I tried to make the changes in IE7 on Vista, I found that option grayed out. To make that change, I had to close out of IE completely, then right click on the IE icon, select 'Run as Administrator,' and then alter the setting."

Krebs also noted that Microsoft advised MS IE users to change their security setting to "high," even though such a setting renders most common websites unreadable. In addition, MS IE users can disable a specific function to prevent the attacks. The function is called "oledb32.dll." Unfortunately, Krebs also ran into trouble when trying to remove it, leading him to make a dramatic recommendation.

"I would advise Windows users to consider browsing the web with anything other than Internet Explorer, at least until Microsoft issues a patch to fix this vulnerability," he said. "It is not my intention to over-hype the situation, but as we have seen time and again, attackers are usually very quick to take advantage of flaws in IE because the program is the default browser for close to 80 percent of the planet."

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

CAM4 Debuts Weekly 'Skyy Knox's CAM Crawl' Livestream

CAM4 is launching "Skyy Knox’s CAM Crawl," a new livestream running every Sunday at 3 p.m. PDT.

Texas Judge Pauses AG Ken Paxton's Aylo Lawsuit Until SCOTUS Decision

A Texas district judge granted a request Wednesday to pause proceedings in the lawsuit filed by Attorney General Ken Paxton against Aylo over its implementation of Texas’ controversial age verification requirements for Pornhub, pending the outcome of the Free Speech Coalition-led lawsuit against Paxton, which will be heard by the Supreme Court during the next term.

Author of UN Report Recommending Worldwide Criminalization of Sex Work, Porn to Speak at NCOSE Summit

Jordanian activist Reem Alsalem — a Special Rapporteur on violence against women and girls at the United Nations Human Rights Council who recently issued a controversial report recommending that governments abolish all forms of sex work, including porn — will be one of the speakers at anti-porn lobby NCOSE’s 2024 summit in August.

Spicey AI Voice Chat Platform Launches

Spicey AI, a platform that uses artificial intelligence to create interactive voice messages from chatbots based on adult performers, has launched.

Utherverse to Host 8th Annual VirtualCon in September

Virtual reality and metaverse technology company Utherverse will hold the eighth edition of its annual virtual conference, VirtualCon, from Sept. 26-28.

Pornhub Shuts Down Access in Nebraska Over Age Verification

Aylo began blocking access to Pornhub in Nebraska on Monday, in anticipation of the state’s new age verification law — one of many such bills promoted by religious conservatives around the country — which is scheduled to go into effect Thursday.

FeelMe AI Launches 3 New Subscription Tiers

FeelMe AI has launched three new subscription levels, allowing users to connect compatible Kiiroo sex toys to their videos for interactive solo play.

CamSoda Launches AI Girlfriend Builder

CamSoda has debuted a personalized "AI girlfriend" feature, which allows users to create their very own virtual companion at no charge, including free NSFW role-play and chat.

Free Speech Organization Comes Out in Support of Wisconsin Professor Who Posted on OnlyFans

After a University of Wisconsin-La Crosse faculty tribunal recommended stripping veteran professor of communications Joe Gow of tenure last week due to Gow having unremorsefully created and appeared in adult content, a major free speech organization has come out in his support.

MojoHost Unveils Public Cloud Service MojoCompute

MojoHost has launched MojoCompute, a new cloud service, as the central component of its MojoCloud product offerings.

Show More