Second Open IE Security Flaw
Sites exploit new IE flaw | Tech News on ZDNet
Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday.
The vulnerability lies in a Windows component called "vgx.dll." This component is meant to support Vector Markup Language documents in the operating system. VML is used for high-quality vector graphics on the Web.
This is the second known and unpatched flaw for IE to surface in as many weeks. Last week Microsoft confirmed a flaw in an ActiveX control related to multimedia. Attack code that exploits the flaw and could be used to hijack Windows PCs running IE 5 or IE 6 has been posted on the Net. Microsoft also has yet to provide a patch for a Word 2000 flaw being exploited in targeted cyberattacks.
The vulnerability lies in a Windows component called "vgx.dll." This component is meant to support Vector Markup Language documents in the operating system. VML is used for high-quality vector graphics on the Web.
This is the second known and unpatched flaw for IE to surface in as many weeks. Last week Microsoft confirmed a flaw in an ActiveX control related to multimedia. Attack code that exploits the flaw and could be used to hijack Windows PCs running IE 5 or IE 6 has been posted on the Net. Microsoft also has yet to provide a patch for a Word 2000 flaw being exploited in targeted cyberattacks.
posted by Robert at 5:33 AM
<< Home