Security Flaw Leaves All Microsoft Internet Explorer Users Vulnerable

CYBERSPACE — A new security hole affects all versions of Microsoft's Internet Explorer, leaving users of the leading web browser vulnerable to attack on a wide array of compromised websites.

Two online security firms have reported that hackers have broken in an unspecified number of websites and added malicious code that exploits the vulnerability in MS IE. Once installed, the virus starts stealing sensitive user data.

Online security firms Security Fix and SANS Internet Storm Center both reported on the vulnerability, which is linked to a specific file associated with MS IE. Microsoft also released an advisory, saying that the vulnerability is present in all versions of MS IE from version 5 onward.

But Washington Post tech security writer Brian Krebs noticed that some of the safety precautions recommended by Microsoft don't work quite right.

"Microsoft recommends enabling a feature called 'data execution prevention,' by clicking 'Tools,' 'Internet Options,' then 'Advanced,' and then checking the box next to that option," he said. "However, when I tried to make the changes in IE7 on Vista, I found that option grayed out. To make that change, I had to close out of IE completely, then right click on the IE icon, select 'Run as Administrator,' and then alter the setting."

Krebs also noted that Microsoft advised MS IE users to change their security setting to "high," even though such a setting renders most common websites unreadable. In addition, MS IE users can disable a specific function to prevent the attacks. The function is called "oledb32.dll." Unfortunately, Krebs also ran into trouble when trying to remove it, leading him to make a dramatic recommendation.

"I would advise Windows users to consider browsing the web with anything other than Internet Explorer, at least until Microsoft issues a patch to fix this vulnerability," he said. "It is not my intention to over-hype the situation, but as we have seen time and again, attackers are usually very quick to take advantage of flaws in IE because the program is the default browser for close to 80 percent of the planet."

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Anti-Pornhub Attorney Expands Strategy to 'Name and Shame' Finance Companies

A legal team headed by Michael J. Bowe, the former lawyer for Donald Trump and Jerry Falwell Jr., has recently expanded its strategy in a series of ongoing legal actions against Aylo over user-uploaded content on Pornhub allegedly involving minors, directly implicating finance companies which have backed or worked with the company formerly known as Mindgeek.

X3 Expo 2025 Show Dates Set for Jan. 17-18

X3 Expo organizers have announced that the event will once again take over the historic Hollywood Palladium Jan. 17-18, bringing together legions of attendees for the biggest lineup of adult stars in North America, plus a smorgasbord of dazzlingly attractions showcasing the latest innovations in titillating digital entertainment.

SextPanther Unveils New Content-Tagging Feature, Revamped Explore Page

SextPanther has rolled out its new content-tagging feature, as well as the revamped version of the platform's "Explore" page.

Court Orders xHamster to Remove Dutch Amateur Content

An Amsterdam appeals court upheld a lower court decision ordering xHamster to remove all footage featuring Dutch people who have not given explicit permission for their images to be posted.

Dutch Platform DM-Movies Rebrands as MelodyPleasure.com

Industry veterans Melody Pleasure and Cheffie Shot have rebranded Dutch platform DM-Movies.com into MelodyPleasure.com.

Mymember.site Unveils New Order Management System for Sales

Mymember.site has released a new order management system designed to streamline and simplify how creators manage incoming orders for digital and physical products.

European Commission Compels Pornhub, XVideos, Stripchat to Disclose DSA Compliance Data

The European Commission has singled out Pornhub, XVideos and Stripchat for enforcement of the Digital Services Act (DSA), giving them until July 4 to provide compliance information.

X's Clarification of Adult Content Policy Triggers International Confusion

X’s recent clarification of its adult content policies has created confusion in countries with strict anti-porn laws, such as Indonesia, especially considering that X owner Elon Musk has stated that the limits of his “free speech absolutism” for the platform formerly known as Twitter are the laws of each country.

2024 AltStar Awards Winners Announced

Winners of the 2024 AltStar Awards, presented by Bad Dragon, were revealed during an in-person ceremony in Las Vegas on Sunday, June 9.

Strike 3 Expands Copyright Litigation Strategy to Hawaii

Strike 3 Holdings, the copyright holder for the Vixen Media Group brands, has partnered with a Hawaiian law firm to expand its persistent strategy of filing multiple infringement lawsuits in federal court against unidentified downloaders.

Show More