Internet Explorer HTA Application Execution

Flaw could allow remote access to vulnerable systems

The Internet Explorer HTA Application Execution was assigned two vulnerability numbers by the National Institute of Standards in Technology National Vulnerabilities Database. The vulnerability in Inter Explorer allows remote attackers to execute arbitrary code via a link to an SMB file share, and the flaw itself might be within other components used by the Microsoft browser. If executed, the vulnerability may disclose potentially sensitive information and potentially compromise a user's system. Exploitation requires user interaction, however.

On August 8, 2006, Microsoft released two patches which addressed these vulnerabilities.

Additional Resources:

About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.


    Discuss Internet Explorer HTA Application Execution

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Articles from CNET
    How to do a clean install of Windows 10