Are you using Internet Explorer right now?, then you should be aware from issue that Critical Vulnerability has been Detected in Microsoft Internet Explorer. Today morning when i have started my Desktop Machine, i Got an Error Message From Quick Heal Antivirus Saying the critical vulnerability detected in Microsoft IE Browser. This "Vulnerability in Internet Explorer Could Allow Information Disclosure". And investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location.
The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites. Below i have Attached the Message i have got from my Quick Heal Antivirus popup Window.Dear User,
Critical vulnerability has been detected in Microsoft
Internet Explorer. This vulnerability can be get
exploited by cyber criminals to infect users computers
visiting the specially crafted web pages.
Microsoft has also released security advisory on the
vulnerability. To know more about the vulnerability,
please visit following URL.
http://www.microsoft.com/technet/security/advisory/980088.mspx
"Looking at the wide scope to which it affects, it will
not be too long that we will see the vulnerability being
exploited by the hackers" says Sanjay Katkar, CTO, Quick
Heal Technologies (P) Ltd.
All Quick Heal Users using Windows Vista, Windows 7 and
above operating systems are recommended to keep protected
mode ‘ON’ while using Internet Explorer. To enable
protected mode in Internet Explorer, please take below
given steps.
1.Open Internet Explorer.
2.Go to Tools -> Internet Options.
3.Tick ‘Enable Protected Mode’ option.
4.Restart Internet Explorer.
Users using XP and below versions of vista are advised
to keep Windows Update enabled and to be cautious while
surfing.
Thanks,
Quick Heal Team.
Below is the Issue and Updates from Microsoft Security Advisory (980088):
Microsoft is investigating a publicly reported vulnerability in Internet Explorer for customers running Windows XP or who have disabled Internet Explorer Protected Mode. This advisory contains information about which versions of Internet Explorer are vulnerable as well as workarounds and mitigations for this issue.
Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location. These versions include Internet Explorer 5.01 Service Pack 4 on Microsoft Windows 2000 Service 4; Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4; and Internet Explorer 6, Internet Explorer 7, and Internet Explorer 8 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows Server 2003 Service Pack 2. Protected Mode prevents exploitation of this vulnerability and is running by default for versions of Internet Explorer on Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008.
The vulnerability exists due to content being forced to render incorrectly from local files in such a way that information can be exposed to malicious websites.
At this time, we are unaware of any attacks attempting to use this vulnerability. We will continue to monitor the threat environment and update this advisory if this situation changes. On completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.
Visit this link to know more details: http://www.microsoft.com/technet/security/advisory/980088.mspx
Visit this link to know more details: http://www.microsoft.com/technet/security/advisory/980088.mspx
I will keep updating this article as soon as i get some solutions from microsoft people and hope that they will release some patches very soon. Tell This issue to your friends and fellows.
