Ms internet explorer security flaw

Even so, there have been no reports of incidents in which companies have been compromised by the vulnerability, Russell said. And despite its serious nature, "it is silly for SANS to call this the "most dangerous flaw found in Windows workstations," said Elias Levy, chief technology officer at SecurityFocus.

For example, the Multipurpose Internet Mail Extension buffer overflow in e-mail clients such as Outlook basically allows crackers to plant malicious code that executes even before a user opens an e-mail message, Levy said. Of more interest is the fact that Microsoft hasn't really implemented a fix but provided only a work-around to the problem, he said.

Microsoft's work-around, posted on its site July 13, is to set an Administrator password for Microsoft Access. This will cause Microsoft Access to prompt the user for a password before any Visual Basic for Applications code is executed within an Access database, according to a Microsoft FAQ on the subject. That hole allows attackers to hide malicious files in a victim's computer. But because it can be exploited under only certain limited conditions, it is "considerably less dangerous than the Access problem" according to the SANS report.

Jaikumar Vijayan is a freelance technology writer specializing in computer security and privacy topics. By AFP. More news from TECH.

Tech Telegram adds new features for iOS, Android. Several fresh interactive elements have been added to the popular messaging app Tech 1 week ago. Tech India: Colleges, major automobile companies experimenting with driverless cars.

IIT Hyderabad hopes to launch the indigenously-developed technology on its campus within six months Tech 2 weeks ago. Rumours on the internet say the iPhone Pro models likely to be released in will rely entirely on eSIM technology Tech 2 weeks ago. Tech Russian court slaps Google, Meta with massive fines. Tech Russian court fines Google and Meta platforms. The U. Microsoft assigned the bug with a common vulnerability identifier, CVE , but specific details of the bug have yet to be released.

Mozilla says a new Firefox security bug is under active attack.