Microsoft responds to Black Hat talk with IE bug advisory
From SC Magazine | 2010-02-04 11:05:08
<div id="subtitle">An Internet Explorer vulnerability revealed at this week's Black Hat conference in Washington, D.C. prompted Microsoft to issue an advisory on the issue.</div><div><p>Microsoft disclosed Wednesday that Internet Explorer (IE) suffers from an unpatched vulnerability that could lead to information exposure.The bug, which affects machines running Windows XP or those that have disabled IE's Protected Mode, can allow an attacker to access files containing an already-known name and location, according to an advisory from Microsoft.The software giant admitted to the vulnerability after researchers at Core Security Technologies, provider of penetration testing software, revealed the issue during a presentation this week at the Black Hat conference in Washington, D.C. The talk, titled "Internet Explorer turns your personal computer into a public file server," was delivered by Core engineer Jorge Luis Alvarez Medina.Medina could not immediately be reached for comment on Wednesday. The flaw is caused by "content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites," the advisory said.Microsoft is not aware of any active attacks. IE running on newer versions of Windows are not affected."Customers running Internet Explorer 7 or Internet Explorer 8 in their default configuration on Windows Vista or later operating systems are not vulnerable to this issue as they benefit from Internet Explorer Protected Mode, which protects from this issue," Jerry Bryant, senior security program manager at Microsoft, said in a Wednesday blog post.He encouraged customers to upgrade to IE 8.Bryant did not say when customers should expect a patch. Microsoft's next round of fixes are due out Tuesday."As with any update, we have to balance overall quality and ensure application compatibility before we release it," he said.</p><img src="http://admatch-syndication.mochila.com/images/ad.gif?aid=68434809&bid=informcom" /></div><div id="copyright"><div>
Copyright 2010 <a href="http://content.mochila.com/api/content/asset?assetID=2010-02-04:HaymarketMediaGroup/SCMagazines/Microsoft_responds_to_Black_Hat_-76717/&uname=mochila_api&cert=d1ff44fd2ac969664ae05bf7687cc5d1&bpid=informcom">SC Magazine</a></div></div>
Related Video by 5min
Related Articles
- Nanophase Technologies Announces Year End 2009 Financial Conference Call Globe Newswire | 2010-03-20 12:02:13
- Silver Proves Its Mettle for Nanotech Applications Science Daily | 2010-03-19 22:06:33
- Designer Nanomaterials on Demand: Scientists Report Universal Method for Creating Nanoscale Composites Science Daily | 2010-03-19 21:30:43
- UAlbany’s NanoCollege to receive $1.5M to incubate clean energy companies Charlotte Business Journal | 2010-03-19 12:16:58
- Developments in Nanotechnology for Cancer Treatments Bright Hub | 2010-03-19 10:30:07
- Nanofiber Gel May Spur Growth of New Knee Cartilage EverydayHealth.com | 2010-03-19 17:41:32
Related Blogs
- Designer Nanomaterials On-Demand: Scientists Report Universal Method for Creating Nanoscale Composites PhysOrg.com | 2010-03-19 18:36:31
- Designer nanomaterials on-demand EurekAlert! | 2010-03-19 18:14:53
- Scientists investigate transport of nanoparticles in the human body PhysOrg.com | 2010-03-19 14:13:38
- Engineers: Weak laser can ignite nanoparticles, with exciting possibilities EurekAlert! | 2010-03-18 12:27:03
Related Video
- DNA Nanotubes RedOrbit Video | 2010-03-19 02:42:11
