As Life Goes Digital

As Life Goes Digital

Technology, Cricket, Deals, Immigration etc …


New critical bug in Microsoft IE versions

If you are using Internet Explorer for internet browsing then make sure you follow this procedure to avoid hackers exploit this newly found bug – “Vulnerability in Internet Explorer Could Allow Remote Code Execution”

Affected IE versions – IE5.01, IE6, IE7 and IE8 Beta 2
Affected Windows Operating systems – Windows 2000, XP, Vista, Server 2003 or Server 2008

Here is detailed report on the bug from Microsoft

Check the Microsoft FAQ to patch the bug with given workaround : It seems to be a lot of procedure and I wish Microsoft release the automatic patch so that this can be avoided.

Which of the workarounds should I apply to my system in order to be protected?
Based on our investigation, setting the Internet zone security setting to High will protect users from known attacks. However, for the most effective protection, customers should evaluate a combination of using the High security setting in conjunction with one of the following workarounds.

•Disable XML Island functionality
•Restrict Internet Explorer from using OLEDB32.dll with an Integrity Level ACL
•Disable Row Position functionality of OLEDB32.dll
•Unregister OLEDB32.dll
•Use ACL to disable OLEDB32.dll

For additional workaround details, please see the following post: http://blogs.technet.com/swi/archive/2008/12/12/Clarification-on-the-various-workarounds-from-the-recent-IE-advisory.aspx#workarounds.

Each of these workarounds is equally effective in protecting customers; however, each workaround has different impacts based on the environment in which they are applied. We encourage customers to evaluate which of the workarounds would be least impactful to their environment, based on the impact statements included with each workaround.


EMAIL NEWSLETTER

Your Email Address:

Delivered by FeedBurner


Posted By: Kalyan | Date: December 14, 2008 | Categories: Uncategorized
Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *