Three new flaws found in Internet Explorer

Three new flaws found in Internet Explorer

Security vendor Secunia today announced a new vulnerability affecting Internet Explorer 6.x and 7 beta. The vulnerability, which Secunia rates as highly critical, exists when processing the "createTextRange()" method call on a radio button occurs. A successful exploit will allow an attacker to run malicious code on a fully patched Microsoft Windows machine. According to the Secunia announcement, Microsoft is working on a patch. Microsoft's next scheduled patch release is April 11.

A second vulnerability affects HTA files and is not considered critical. HTA files are used with Web applications. Microsoft is investigating this vulnerability and may offer a patch at some point.

A third vulnerability in Internet Explorer reported by Secunia and others on Monday is less critical, though highly annoying. This third vulnerability, which involves HTML tags with multiple event handlers, can be exploited to crash a vulnerable browser.

Until these vulnerabilities are patched, Secunia recommends users avoid untrusted Web sites. Personally, I recommend using another Internet browser, such as Firefox or Opera.

Featured Video
6
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Force Friday and the best of IFA 2015

Attention Jedi in training: today is Force Friday. Also, the best of IFA 2015, a new personal safety app explodes in popularity, and new 21.5-inch iMacs are coming.

by Jeff Bakalar