has posted a new bulletin which describes a critical flaw in Internet Explorer which — wait for it — could allow a remote attacker to execute arbitrary commands on a compromised computer. The flaw affects all supported versions of IE and occurs because of “the creation of uninitialized memory during a CSS function within Internet Explorer.” Vista and 7 users are at less risk than those on XP because of their OS’s Protected Mode, which would limit the attacker’s access rights. suggests using EMET (Enhanced Mitigation Experience Toolkit) to protect all Internet Explorer processes — but it’s a tool designed for admins, not the average home user. While there’s no timetable given for an official fix, has already begun working with security providers to ensure that additional protection can be delivered via definition updates. They also, of course, recommend running all Windows Updates, making sure your firewall is turned on, and having a good, up-to-date antimalware program installed.

a7a4dfb1adarning.jpg 450x265 All Internet Explorer versions affected by newly discovered critical flaw

Link:
All Internet Explorer versions affected by newly-discovered critical flaw