Welcome to WebmasterWorld Guest from 54.242.206.44

Forum Moderators: open

Message Too Old, No Replies

Bug Hits IE9 And Earlier Versions

     
1:53 pm on Sep 18, 2012 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:22718
votes: 291


Today we released Security Advisory 2757760 to address an issue that affects Internet Explorer 9 and earlier versions if a user views a website hosting malicious code. Internet Explorer 10 is not affected.

We have received reports of only a small number of targeted attacks and are working to develop a security update to address this issue. In the meantime, customers using Internet Explorer are protected when they deploy the following workarounds and mitigations included in the advisory:

  • Deploy the Enhanced Mitigation Experience Toolkit (EMET)
    This will help prevent exploitation by providing mitigations to help protect against this issue and should not affect usability of websites.
  • Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.
  • Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones. This will help prevent exploitation but can affect usability, so trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.
    Bug Hits IE9 And Earlier Versions [blogs.technet.com]
  • 11:23 am on Sept 20, 2012 (gmt 0)

    Administrator from GB 

    WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

    joined:May 9, 2000
    posts:22718
    votes: 291


    Microsoft is to release an out-of-band security fix on Friday 21 September.
     

    Join The Conversation

    Moderators and Top Contributors

    Hot Threads This Week

    Featured Threads

    Free SEO Tools

    Hire Expert Members