- TS Janda writes about technology, be it software reviews, Tips and Tricks for Linux or Windows systems, or just general news on the latest gadget. We also feature great writers and encourage new authors to contribute here at TechBetaPlus.
- TechBetaPlus TechBetaPlus TechBetaPlus Visit My Site
 |
| Microsoft Puts A bandaid On IE8, Users Are Still Advised to Upgrade to IE10 |
Microsoft has issued an advisory, and "Fix it" for Internet Explorer 8. However it's more a temporary stop-gap than a real resolution for the flaw. Microsoft stresses that "CVE-2013-1347 MSHTML Shim Workaround" is "not intended to be a replacement for any security update". This Fix It can also be disabled if for some reason you have an issue with it.
The vulnerability is a remote code execution vulnerability. The vulnerability exists in the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated. The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer. An attacker could host a specially crafted website that is designed to exploit this vulnerability through Internet Explorer and then convince a user to view the website.
The vulnerability does not affect Internet Explorer 6, Internet Explorer 7, Internet Explorer 9, and Internet Explorer 10.
Do you like this post?
|
0 comments:
Post a Comment