anyweb Posted April 29, 2014 Report post Posted April 29, 2014 Microsoft is scrambling to repair a security hole in its widely used Internet Explorer web browser, saying it had detected attempts to exploit the flaw. The US software giant said in a blog post the coding problem affected versions six through 11 of its flagship browser, noting it was aware of "limited, targeted attacks" taking advantage of the newly discovered flaw. The exploit uses Flash and a technique called heap feng shui, which Microsoft says can allow an attacker who successfully exploits the vulnerability to gain the same user rights as a user. "The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer," Microsoft said on its security website on Saturday. "An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website." Cybersecurity firm FireEye, which took credit for identifying the flaw, said hackers were exploiting the bug in a campaign nicknamed "Operation Clandestine Fox." Users still relying on Windows XP could be especially vulnerable because Microsoft stopped earlier this month supporting the older operating system with security patches and other software updates. read more @ ZDnet > http://www.zdnet.com/xp-users-set-to-miss-out-on-ie-patch-7000028820/ Share this post Link to post Share on other sites More sharing options...
kingbuzzo Posted April 30, 2014 Report post Posted April 30, 2014 They tried to warn you... Share this post Link to post Share on other sites More sharing options...
