SysChat is a free online computer support community. Ask questions, share resources, contribute knowledge and discuss technology. Join our growing community to access all features. Register Now!

SysChat » News » New Zero-Day Bug Crashes Internet Explorer


Computer and Technology news

LinkBack New Tools
New Zero-Day Bug Crashes Internet Explorer

New Zero-Day Bug Crashes Internet Explorer

Published by Sami

Bug New Zero-Day Bug Crashes Internet Explorer

Microsoft's Internet Explorer browser crashes when attacked through a new unpatched vulnerability, security companies warned Friday.

The zero-day bug occurs within the "mshtml" library when a malformed HTML tag with an abnormally large number of script handlers is fed to the browser. According to the researcher who posted the initial description to the Bugtraq security mailing list, attackers can easily crash IE by flooding its buffer.

The researcher, Michal Zalewski, also released proof-of-concept code that crashes the latest IE release on a fully-patched edition of Windows XP SP2.

Symantec noted in an alert to customers of its DeepSight system that its staff had confirmed the proof-of-concept code crashed IE in some, but not all, situations. Also on Friday, rival McAfee released a new signature to anti-virus customers that detects the proof-of-concept exploit.

Continue at source ..

News Source:


New Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are on

» Ads

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54