|
Microsoft has updated a security advisory published in June, offering users a way to become immune to a highly critical flaw in Internet Explorer.
The flaw causes IE to crash or could allow hackers to take control of a user's system by placing specially created code on a website, according to Sec-Consult which first reported the flaw.
It affects current versions of IE on fully patched systems, and has been rated 'extremely critical' by security website Secunia.
Microsoft has confirmed the flaw. Exploit code is publicly available, but the software vendor claimed that it is not aware of any attacks using the exploit.
The workaround requires uses to manually prevent a .dll file from running, or to set the Windows internet security settings to 'high' to prevent ActiveX commands from being executed.
Although the workaround can reduce functionality and does not repair the actual flaw, it does prevent users from being affected.
Microsoft said that it is studying the flaw and will provide further information in the future, either through a refined workaround or a patch.
================
preuzeto sa sajta: http://www.itweek.co.uk/vnunet/news/2139442/microsoft-offers-temporary-fix
======================
dodatak:
Click to read the updated security advisory:
http://www.microsoft.com/technet/security/advisory/903144.mspx
|
... Znas ti to dobro 
