Quantcast
PC World: Technology Advice You Can Trust
Search
Browse by Topic
Subscribe to magazine

Magazine

Subscribe & Get
a Bonus CD

Customer Service

Audio & Video Business Center Cameras Cell Phones & PDAs Desktop PCs Gadgets Gaming HDTV Laptops Macs & iPods Monitors Printers Software Spyware & Security Storage Upgrading Windows Vista & XP
Resource Centers
Asus Notebook Center
Intel Technology Center
CDW Solution Center
Lenovo Laptop Showcase
Try It Free
White Paper Library
Webcast Library
Most Popular Search Terms
Most Popular Products
Most Popular Downloads
Today at PC World
Today @ PC World
News, opinion, and links from the PC World staff.
Recent entries in this blog:
Wednesday, September 20, 2006 1:48 PM PT Posted by Erik Larkin

Internet Explorer Hit Again

There's a new IE vulnerability being actively exploited in the wild that can nail fully patched systems with a virus or other malicious software. A poisoned Web page or HTML e-mail using VML (Vector Markup Language), used for relatively uncommon vector graphics, could hit you with a drive-by-download without any action from you aside from viewing the page or e-mail.

Microsoft doesn't yet have a patch for this hole, which hits IE on Windows XP, Windows 2000 and Windows Server 2003, according to Microsoft's bulletin. The bulletin says a poisoned banner ad on an otherwise legit site could also trigger the attack. Sunbelt got the first notice up, as far as I know. And F-Secure has a workaround posted with a command you can run to unregister the dll's that are used for VML.

Your best bet, though, would be to switch to an alternate browser like Firefox or Opera, which according to F-Secure don't use VML. Outlook e-mails are also potentially vulnerable, but not by default, per F-Secure.
Comments

SocketShield from Exploit Prevention Labs protects against this, according to their press release issued today:
http://biz.yahoo.com/prnews/060920/sfw169.html?.v=1

secsleuth
September 20, 2006
5:51 PM PT

what else is new? Most computers have IE so why would hackers spend time on trying to break in a Mac or firefox browsing computers. When they can attack IE, which is widely used.

dulun18
September 23, 2006
10:26 AM PT

once everyone changes to a diff browser then hacker will start on that more, no one seems to understands its just not IE like the guy above me said its what most people use hence why its hacked more Dee dee Dee common sense

Gondo2k2
September 24, 2006
12:04 AM PT
Post a comment Post a comment
Recent Posts
More Bad News for Blu-Ray
McCain Pushes Fair Use on YouTube
Firefox Update Enters Beta
Googling Is Good For Your Brain
Apple vs. the Economy: Can the New Macs Really Sell?
Motorola, Verizon Deliver ZN4 Touch-Screen: Krave
Pimp Your Flip Mino with Customizable Designs
Archives
View posts from:
 

PC World's Marketplace

PC World's Free Whitepapers

QUICK LINKS: cheap laptops cell phones laser printers HDTV reviews LCD TV Plasmas digital cameras laptop reviews security antivirus windows vista reviews digital camera reviews inexpensive desktop LCD wide screen monitors
tech news tech blogs community & forums laptop prices software reviews downloads
About UsContact UsAdvertiseASME GuidelinesNewslettersFAQIDG InternationalMagazine Customer Service
© 1998-2008, PC World Communications, Inc.Terms of Service AgreementPrivacy PolicyCommunity Standards
RSS FeedsXML

Visit other IDG sites: