For Internet Explorer and Microsoft, it’s getting embarrassing for their own good. A few days back it was the hilarious glitch; how IE6 was unable to open the parent Microsoft website, with elements all over the place. But this time the bug is way serious, Symantec has confirmed the vulnerability of IE 6 & IE7 against a new exploit that was published over at the BugTrag mailing List. They conducted further tests and found out that potential attackers can insert the exploit into the websites. The attack requires the JavaScript to cut open Internet Explorer’s loophole and drop the payload. The IE 6 & IE 7 vulnerability is primarily related to how IE uses CSS (Cascading Style Sheet) information.
Symantec’s anti-virus currently detects the bug via a Bloodhound.Exploit.129 signature update, while Symantec IPS (Intrusion Prevention System) also detects it with HTTP Microsoft IE Generic Heap Spay BO and HTTP Malicious Javascript Heap Spray BO signature. While the exploit is still in its early days, but can bet on hackers, who’ll be looking to improve upon it further. For users who are on IE 6 & IE 7, I would recommend them to upgrade to IE 8 or ditch Internet Explorer all together and switch over to Mozilla Firefox 3.5.5 or Opera 10.10 web browser.
Via: IT Pro
Well I don’t know about the users but all the designers and programmers surely want to ditch IE6 & 7. IE is really a pain in the a@@..
Ya , Mahesh and its high time users switch to other better options.
