Microsoft has made itself the joker of the modern computer world once again. No, I'm not talking about windows vista aka "mojave" I'm referring to a new vulnerability on the Internet Explorer program that runs on all of Microsoft's operating systems. On Friday, Microsoft released a statement about a number of "zero day" attacks that occur as a result of a vulnerability in the way the browser processes XML (a way of writing information to websites). Verisign released an announcement late last week that a group of Chinese security researches discovered an accidentally released the flaw in IE. The main idea of the attacks is to load malicious software onto computer that are vulnerable to the attack. These programs can give the hacker all the normal privileges that the user would have including access to sensitive records and files. Below are links to two articles including one that talks specifically about ACL's and how to block the vulnerability at the server before it enters the network. This does not completely block the threat but it does lower the risk until a patch is made available.
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342278,00.html
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1342135,00.html
Sunday, December 14, 2008
Subscribe to:
Post Comments (Atom)
Posts
once again Microsoft has dropped the ball. I wonder how much of an impact is this going to have on the stock. How many times can a company of this magnitude be in the news for constant vulnerabilities?
ReplyDelete