The vulnerability, which once activated may compromise the privacy of a user's computer system, has been detected in the Microsoft Internet Explorer 8 by the Computer Emergency Response Team of India (Cert-In), the country's nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian internet domain.
The severity of the malfunctioning has been categorized as "high" by the agency.
"A use-after-free vulnerability has been reported in Microsoft Internet Explorer (version 8) which could allow an unauthenticated remote attacker to execute arbitrary code on a target system.
"The vulnerability exists due to improper handling of CMarkup objects within "CMarkup::CreateInitialMarkup." An unauthenticated, remote attacker could exploit this issue by enticing a user to view specially crafted HTML document triggering a memory corruption," the advisory said.
It added that the successful exploitation of this malfunctioning "could allow the attacker to execute arbitrary code on the system with the privileges of the targeted user."
"This essentially means that if the malfunctioning gets activated it could harm the privacy and private information of the users' computer," a cybersecurity official said.
The agency has asked Internet users to upgrade their Microsoft Internet explorer to version "11."
Some of the other counter-measures suggested by the agency include deploying and configuring the Microsoft Enhanced Mitigation Experience Toolkit (EMET) for Internet Explorer, setting the internet security zone to "high" to block ActiveX controls and active scripting and configuring Internet Explorer to prompt before running active scripting or to disable active scripting in the internet and local intranet security zone.
Anda sedang membaca artikel tentang
Cert-In issues security warning against Internet Explorer 8
Dengan url
http://pijitsehat.blogspot.com/2014/05/cert-in-issues-security-warning-against.html
Anda boleh menyebar luaskannya atau mengcopy paste-nya
Cert-In issues security warning against Internet Explorer 8
namun jangan lupa untuk meletakkan link
Cert-In issues security warning against Internet Explorer 8
sebagai sumbernya
0 komentar:
Posting Komentar