Internet Explorer HTA Application Execution
Flaw could allow remote access to vulnerable systems
Robert Vamosi Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
The Internet Explorer HTA Application Execution was assigned two vulnerability numbers by the National Institute of Standards in Technology National Vulnerabilities Database. The vulnerability in Inter Explorer allows remote attackers to execute arbitrary code via a link to an SMB file share, and the flaw itself might be within other components used by the Microsoft browser. If executed, the vulnerability may disclose potentially sensitive information and potentially compromise a user's system. Exploitation requires user interaction, however.
On August 8, 2006, Microsoft released two patches which addressed these vulnerabilities.
Additional Resources:
- Microsoft patch: MS06-045
- Microsoft patch: MS06-042
- Mitre.org CVE #: CVE-2006-3281
- Secunia advisory #: 20825
Mobile Guides
Phones
Foldable Phones
Headphones
Mobile Accessories
Smartwatches
Wireless Plans
Mobile coupons