Story image

New IE exploit detected

02 Mar 10

Microsoft is hurrying to deal with a new vulnerability
detected in the Internet Explorer browser that could allow a hacker to take
control of a computer.

The vulnerability could allow an attacker to host a
maliciously crafted Web page and run arbitrary code if they could convince a
user to visit the Web page and then get them to press the F1 key in response to
a pop-up dialogue box. Microsoft says it is not aware of any attacks seeking to
exploit this issue at this time and believes that users running Windows 7,
Windows Server 2008 R2, Windows Server 2008, and Windows Vista are not affected.

“The issue in question involves the use of VBScript and
Windows Help files in Internet Explorer,” a Microsoft blog posting explained. “Windows
Help files are included in a long list of what we refer to as ‘unsafe file
types’. These are file types that are designed to invoke automatic actions
during normal use of the files. While they can be very valuable productivity
tools, they can also be used by attackers to try and compromise a system.”

Microsoft advised users to avoid pressing F1 on dialogue
boxes presented from Web pages or other Internet content.“If a dialogue box appears repeatedly in an attempt to
convince the user to press F1, users may log off the system or use Task Manager
to kill the Internet Explorer process,” said the company in a security
research note
.

Users can also set Internet Explorer to show a prompt before
running any Active X controls or scripting, which Microsoft said will not
affect general browsing.

A fix for the problem will probably be issued at a later date.

The new world of edge data centre management
Schneider Electric’s Kim Povlsen debates whether the data centre as we know it today will soon cease to exist.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
How HCI helps enterprises stay on top of data regulations
Increasing data protection requirements will supposedly drive the demand for Hyper-Converged Infrastructure solutions across the globe.
Vodafone and PNSol champion new ‘invisble network’ broadband project
"As an industry, we've increased the speed of broadband to one gigabit and beyond, which is a remarkable achievement, but we now have to look beyond speed."
Top 3 cloud computing predictions – what’s in store for 2019?
Virtustream's Deepak Patil shares his predictions for how cloud computing will evolve in 2019.
London’s pricy data centres allow Frankfurt to overtake
According to a new report, data centre pricing in the UK is among the highest in Europe, which is seeing other countries prosper.
Rubrik welcomes $261m funding for new market expansion
The company intends to use the funds from new investor Bain Capital Ventures will go toward future innovation and expansion.
Survey finds retailers 'bullish' on hybrid cloud adoption
The retail industry takes no prisoners and that’s made clear in its 'on the pulse' adoption of new technologies.