An exploit for Internet Explorer was published online yesterday, showing signs of poor reliability. Symantec confirmed that the exploit affects Internet Explorer 6 and 7. Experts believe a fully functional version of the exploit will be made available in the coming weeks.
The exploit requires the hacker to lure the victim onto a malicious website or a compromised webpage. Whatever method is used, the attack requires javascript on Internet Explorer. Symantec found the vulnerability in Microsoft Data Access Components, which could allow a Remote Code Execution on a user's system.
Users are cautioned to disable javascript on Internet Explorer, avoid websites they do not trust, and update their anti-virus definitions immediately. Symantec confirms that they have detected the exploit, Bloodhound.Exploit.129, rating the risk a level 1, very low.
The affected systems are currently Windows 2000, Windows Server 2003 and Windows XP.
50 Comments
Load the comments and join the conversation!
Read the comments, ask the editors questions, show respect and join the conversation.