Microsoft releases security patch for Web browser

Jul 29, 2009
Microsoft released a security patch on Tuesday aimed at preventing hackers from exploiting a vulnerability in its Web browser, Internet Explorer.

Microsoft released a security patch on Tuesday aimed at preventing hackers from exploiting a vulnerability in its Web browser, Internet Explorer.

The US software giant said that the security update would be automatically installed for users who have automatic updating enabled on their computers but would need to be installed manually by other users.

It said the update resolves three privately reported vulnerabilities in Internet Explorer.

"These vulnerabilities could allow remote code execution if a user views a specially crafted page using Internet Explorer," Microsoft said.

It said the security patch "addresses these vulnerabilities by modifying the way that Internet Explorer handles objects in memory and table operations."

Microsoft said an attacker could exploit the vulnerability by constructing a specially crafted Web page.

"When a user views the Web page, the vulnerability could allow remote code execution," it said. "An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user."

"If a user is logged on with administrative user rights, an attacker who successfully exploited this could take complete control of an affected system," it said.

Microsoft said the security update was considered "critical" for users of certain versions of Internet Explorer running on Windows 2000 and Windows XP operating systems.

(c) 2009 AFP

Explore further: Microsoft CEO is driving data-culture mindset

add to favorites email to friend print save as pdf

Related Stories

Microsoft Investigates IE 7 Vulnerability

Mar 16, 2007

The vulnerability leaves users open to potential phishing attacks. Microsoft is investigating a new flaw uncovered in Internet Explorer 7 that opens users up to phishing attacks.

MS Patch Tuesday Fires Off 14 Critical Updates

May 09, 2007

System administrators will have to prioritize between updating Exchange and DNS servers while leaving equally important server and application updates dangling, experts say.

Recommended for you

Hackathon team's GoogolPlex gives Siri extra powers

3 hours ago

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Microsoft CEO is driving data-culture mindset

Apr 16, 2014

(Phys.org) —Microsoft's future strategy: is all about leveraging data, from different sources, coming together using one cohesive Microsoft architecture. Microsoft CEO Satya Nadella on Tuesday, both in ...

User comments : 0

More news stories

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Better thermal-imaging lens from waste sulfur

Sulfur left over from refining fossil fuels can be transformed into cheap, lightweight, plastic lenses for infrared devices, including night-vision goggles, a University of Arizona-led international team ...

Deadly human pathogen Cryptococcus fully sequenced

Within each strand of DNA lies the blueprint for building an organism, along with the keys to its evolution and survival. These genetic instructions can give valuable insight into why pathogens like Cryptococcus ne ...