Microsoft has warned that hackers are already exploiting the flaw, which could allow them to remotely take control of a computer running Microsoft's Windows operating system. Computer users running Internet Explorer 5.01 or the latest release, Internet Explorer 8, are not affected by the vulnerability.
"At this time, we are aware of targeted attacks attempting to use this vulnerability," Microsoft said in a security advisory. "We will continue to monitor the threat environment and update this advisory if this situation changes."
The company has not said when it would be releasing a patch to fix the flaw. The next scheduled software update is on April 13.
In January, Microsoft confirmed that hackers had exploited a vulnerability in Internet Explorer to launch a series of cyber attacks against large websites and networks, including those operated by Google and Adobe. Microsoft released an emergency update, known as an out-of-band patch, to fix the flaw.
Security experts said that as far as they were aware, details of the exploit had not been publicly posed, but that if the code were to appear online, it could force Microsoft to release an emergency patch.
Microsoft has advised computer users to disable scripting in the browser window and enable the data execution prevention feature in Internet Explorer.
0 comments:
Post a Comment