Microsoft (Nasdaq: MSFT) has warned users of an Internet Explorer bug that could allow hackers to take control of unprotected computers. The company said it is still working on a permanent solution to debug IE, although it has released a workaround.
The bug revolves around the way IE manages a computer's memory when processing Cascading Style Sheets -- a widely used technology that defines the look and feel of pages on a website.
Hackers and cyber-criminals can exploit IE's memory management to inject their own malicious code into the stream of instructions a computer processes as a browser is being used.
Meanwhile, Microsoft has also recommended the use of a protection system known as the Enhanced Mitigation Experience Toolkit. Windows XP users may have to update the version of their operating system they are using while installing and applying the toolkit. However, some of the protection features that Windows 7 and Vista users enjoy will not be available to those using Windows XP.
Dave Forstrom, director of Microsoft's Trustworthy Computing group, said he had no knowledge about any attacks that took advantage of the claimed vulnerability or that had affected customers.
"As vulnerabilities go, this kind is the most serious as it allows remote execution of code," said Rik Ferguson, senior security analyst at Trend Micro. "This means the attacker can run programs, such as malware, directly on the victim's computer."
"It is highly reminiscent of a vulnerability at the same time two years ago, which prompted several national governments to warn against using IE and to switch to an alternative browser," Ferguson continued.
Want to read more about Microsoft? Add it to My Watchlist, which will find all of our Foolish analysis on this stock.
International Business Times, The Global Business News Leader
