Boston, MA 04/28/2014 (wallstreetpr) – Microsoft Corporation (NASDAQ:MSFT) warns users against using Internet Explorer on Windows XP on account of security flaws.
Microsoft announced that users on whose PCs Windows XP is installed, they must avoid using Internet Explorer for browsing. It issued a security alert against Internet Explorer versions from IE6 through IE11. The software giant said that it has noticed some attacks which sought to exploit a particular vulnerability of the IE. The flaw allows attackers to execute a remote code which leads them to be able to behave as the current user within the IE.
Flawed IE
The vulnerability allows the attackers to access a memory object which has either already been deleted or properly allocated. The memory may be hence be corrupted in such a manner so as to provide the attacker means to execute an arbitrary code while acting as the current user of the IE. The attacker could lure the user to view a website he has created specifically to exploit this particular vulnerability of the IE. In addition, hackers could further cause significant damages to users’ PC by exploiting this flaw.
Microsoft has reported the flaw to exist in IE for a long time, through several of its versions. Microsoft Corporation (NASDAQ:MSFT), however, added that the attacker has no means to force a user to access the crafty websites. They may only attract the users to click on specific links attached to e-mails or on instant messages.
Warning
Firefly, a security company, called the flaw “Zero Day” after Microsoft made the announcement on Saturday. Microsoft Corporation (NASDAQ:MSFT) has noted that as much as 56% of all the browsers being used today are affected by the vulnerability. The U.S. Department of Homeland Security also made an announcement on Monday, following the software makers’ warning, advising users to avoid IE until the problem is completely fixed.
