Skip to main content
  1. Home
  2. Computing
  3. News

Major Internet Explorer Security Alert

By
Major Internet Explorer Security Alert

It was first publicized last week, but now Microsoft believes that an unpatched security hole that affects all versions of Internet Explorer represents a greater danger than was originally believed.

The company is reportedly working on an emergency patch, but is recommending setting the internet zone security setting to ‘high’ and disabling Ole32db.dll in access control lists (ACL) to offer the best defense against attack.

Recommended Videos

In the Microsoft Malware Protection Center blog, the company wrote:

Related

"The exploit sites we’ve seen so far drop a wide variety of malware — most commonly password stealers like new variants of game password stealers like Win32/OnLineGames, and Win32/Lolyda; keyloggers like Win32/Lmir; Trojan horse applications like Win32/Helpud along with some previously unseen malware which we generically detect as Win32/SystemHijack."

"We fully expect the variety of malware being dropped by this exploit to broaden as the exploit code starts to circulate around the internet underground."

The company says that many of the sites that appear to be taking advantage of the hole are hosted in China. Attacks are targeting IE7, but all versions of the browser are vulnerable.

Editors’ Recommendations

Digital Trends Staff
Digital Trends Staff
Digital Trends has a simple mission: to help readers easily understand how tech affects the way they live. We are your…
Why nearly 50% of Windows 10 users still cling to Internet Explorer
Laptop running Internet Explorer.

In an unexpected development, it seems that many users just can't let Internet Explorer go. Although the browser is retiring, new research shows that up to 47% of Windows 10 devices still use Explorer as their browser.

Seeing as Microsoft has announced its retirement in 2020, users have been given plenty of time to move on to a different browser -- so why is it that so many still choose to stick with Explorer?

Read more
The M1 has a major security loophole that Apple can’t patch
Apple M1 processor on a mainboard.

Researchers at MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) have discovered a new security vulnerability that targets Apple's popular M1 processor. The attack, dubbed PACMAN, is capable of bypassing the last line of defense against software bugs on the M1 and potentially other ARM-based processors.

PACMAN attacks pointer authentication, which is the final stop for most software vulnerabilities. Pointer authentication confirms that a program hasn't been changed in any malicious way, serving as a "safety net ... in the worst case scenario," as MIT PhD student Joseph Ravichandran put it. MIT's researchers developed PACMAN as a way to guess the pointer authentication signature, bypassing this critical security mechanism. Researchers say PACMAN exploits a hardware mechanism, so a software patch won't be able to fix it.

Read more
Upcoming Windows update will kill Internet Explorer for good
windows 10 june update will kill internet explorer for good poznan pol may 1 2021 laptop computer displaying logo

Internet Explorer is set to have its final end-of-life update on June 15. The Windows 10 update will be sent out to PCs after that date, disabling the browser and wiping it from devices.

While Microsoft has detailed its plans to retire Internet Explorer since May 2021, the Redmond, Washington company says the upcoming end-of-life update will disable the browser in a fashion that will redirect users to the Microsoft Edge browser when they try to access the feature.

Read more