Published in News

IE still flawed

by on26 January 2010

Image

Microsoft can't win


After swiftly
patching a flaw in its IE browser after government agencies suggested that it no longer be installed in Europe, Microsoft has found itself in the middle of another row.

A security research firm Core Technologies said it has discovered another set of vulnerabilities in Internet Exploder that means that hackers can link together and exploit, to remotely access all of the data on a personal computer. Jorge Luis Alvarez Medina, a security consultant with Boston-based Core said that there were three or four ways to conduct this type of attack using a string of four or five minor vulnerabilities in IE.

Although none of the vulnerabilities are serious enough to compromise a machine, a hacker could take control of a PC by exploiting all of them at once, he said. The combination would overwhelm the browser, giving a hacker access to all data on the PC after a user clicks on a malicious link, he said.

Core was working with Microsoft to find a way to mitigate the risk, but added that he believed other vulnerabilities would crop up even after a solution to these. This is bad news for Microsoft which is trying to convince the world that its browser is safe and not to download Firefox or Chrome.
Rate this item
(0 votes)