New bug can crash Internet Explorer

Microsoft is looking into public reports of a flaw in IE that could cause a malicious Web site to crash the browser.

Microsoft is investigating a newly reported flaw in Internet Explorer 6 that could cause the browser to crash when viewing a malicious Web page, the company said Monday.

Details of the security weakness in the Web browser were published on a popular security mailing list last week by researcher Michal Zalewski. "This might not come as a surprise, but there appears to be a very interesting and apparently very much exploitable overflow in Microsoft Internet Explorer," he wrote.

The flaw can be exploited by an attacker to crash IE, Secunia said in an advisory published Monday. The vulnerability has been confirmed on a fully patched PC running IE 6 and Windows XP with Service Pack 2, the security monitoring company said. Secunia deems the issue "not critical."

Microsoft is investigating the issue, a company representative said in an e-mailed statement. "At this time, we are not aware of any attacks attempting to use the reported vulnerability," the representative wrote.

Once it completes its inquiry, Microsoft said, it may issue a security advisory or provide a patch through its monthly release process.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Roku 4: Our favorite TV streaming system gets 4K video and a remote locator

Ever lose your remote in the couch cushions? Ever wish you could stream 4K Netflix without having to use your TV's built-in app? Roku's new high-end player, the $129 Roku 4, brings these new extras to its best-in-class streaming ecosystem.

by David Katzmaier