Subscribe:Posts Comments

News

Possible Shutdown Of BlackBerry Service In Indonesia
Possible Shutdown Of BlackBerry Service In Indonesia
LG Plan To Update Range Of Smart Phone With Android 4.0 Ice Cream Sandwich In Q2 2012
LG Plan To Update Range Of Smart Phone With Android 4.0 Ice Cream Sandwich In Q2 2012
NTSB’s Proposals, US Government To Ban Cellphone Use While Driving Any Vehicle
NTSB’s Proposals, US Government To Ban Cellphone Use While Driving Any Vehicle
U.S. Cellular Said iPhone Is Not Technologically Advanced Enough, Need 4G
U.S. Cellular Said iPhone Is Not Technologically Advanced Enough, Need 4G
RIM Renamed New BBX Operating System To BlackBerry 10 Based On Ruling By US Court
RIM Renamed New BBX Operating System To BlackBerry 10 Based On Ruling By US Court
Verizon’s Galaxy Nexus will Not Support Google Wallet
Verizon’s Galaxy Nexus will Not Support Google Wallet

Latest Updates

Apps: Free Download

iPhone

Blackberry

Windows Mobile

Android

_________________

Links

You Are Here: Home » Browser, Computers, Laptop/Notebook, News » Windows fix addresses both new and old IE browsers

Windows fix addresses both new and old IE browsers

Posted by on January 21, 2010 // Leave Your Comment

Windows fix addresses both new and old IE browsers

This the latest news from (betanews.com) “Newly released Windows fix addresses both new and old IE browsers” For me I must say it is good news to know that this issue have been dealt with. For a better read here is a article I read.::>>

Over the past few days, security engineers have warned that variations of the publicly-released Hydraq exploit are being engineered for later versions of Internet Explorer than the one targeted in the recently discovered wave of attacks against Google and others, IE6. One security researcher on the “good side,” Dino Dai Zovi, claimed on Twitter earlier today he has a functional derivative of Hydraq for IE7 and IE8…kind of. To make them work, two of Windows 7′s more celebrated security features — Address Space Load Randomization and Data Execution Prevention — have to be manually turned off first.

Still, the nearness of such an exploit to reality prompted Microsoft to release its out-of-band security update today, as promised yesterday, for IE6, IE7, and IE8. Separate update packages are currently being deployed through Windows Update, and are available for download now.

Microsoft Senior Security Program manager Jerry Bryant informed Betanews just moments ago that as of this moment it has only seen evidence of actual Hydraq attacks in the wild targeting IE6. However, as Bryant warned customers in a blog post yesterday, more than the Web browser may be theoretically vulnerable.

Specifically, earlier versions of other Microsoft software, including Outlook, Outlook Express, and Windows Live Mail that used the mshtml.dll rendering library for showing HTML e-mails, but whose default security states may have been turned off by users (for instance, enabling ActiveX controls), could be vulnerable. Those users may not be vulnerable, Bryant said, if their security configurations are left in their recommended states. Outlook 2007 uses a later version of the library, Bryant said, and is therefore not immediately vulnerable at all.

However, if mutants of Hydraq that work on IE7 and IE8 ever do get exploited in the wild, users without today’s IE patch installed (which addresses this shared rendering library as well) could be in trouble. Up until very recently, third parties answering reader and customer troubles about software incompatibilities they’ve encountered, have advised them to turn DEP off. continue read

Related Posts with Thumbnails
Releated Post
Tags:

Leave a Reply

© 2010 GADSTA · Subscribe:PostsComments · Designed by Theme Junkie · Powered by WordPress