Security Firm Releases Patch For Zero-Day IE Flaw
March 31, 2006 The Community
EEye Digital Security has released a temporary patch for a zero-day vulnerability in Internet Explorer that is being used by malicious Web sites to install spyware on users’ computers, officials said Tuesday. The eEye patch is meant as a placeholder until Microsoft Corp. releases a permanent fix, which is expected by April 11, Marc Maiffret, co-founder and chief hacking officer of eEye, based in Aliso Viejo, Calif., said. At that time, users of the eEye patch are advised to use the add/remove program in Windows to delete the fix before installing the Microsoft patch.Meanwhile, Websense Inc. said Tuesday that the number of Web sites exploiting the vulnerability has declined from the 200 reported Monday. However, Dan Hubbard, senior director of security at the San Diego-based company, said he has seen an increase in the number of different exploits, indicating that more people or groups are writing code to take advantage of the flaw. As a result, the number of malicious Web sites was expected to increase.
The vulnerability, called the CreateTextRange bug, enables hackers to …
Read the rest of the article HERE…
-
RSS Subscription
-
Email Subscription
-
-
Contribute
-
Banktastic was created to connect bank & credit union people so they could easily share & find industry-relevant information. We have moderated ways to share information and those that share a lot can qualify for unmoderated access to post directly to the site. As always, comments are open for all to participate. Thank you. Share Content
-
-
Twitter
- RT @jrwlay: Interactive white paper from @BrettKing @Geezeo @sapientnitro shared 2day in @thegarlandgroup webinar http://ht.ly/2zbZr #en ...
- @BofA_Help You're very welcome!
- Thanks to those who joined the webinar and @matthod @jrwlay @shawntemple @natasha_d_g for being a part of our tweetchat! #NextGenCompliance
-
Archives