Microsoft issues security advisory over IE remote code execution vulnerability

Posted on 2 Mar 2010 at 12:46

Microsoft has issued a new security advisory after it was reported that Internet Explorer contains a flaw that would allow hackers to run malicious code on a user's computer.

"The vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. If a malicious Web site displayed a specially crafted dialog box and a user pressed the F1 key, arbitrary code could be executed in the security context of the currently logged-on user," said the advisory.

Microsoft has released some advise on how not to fall victim to the flaw: don't press F1.

The security advisory couldn't have come at a worse time for Microsoft: it was released on the same day that it had to give users of its Windows operating systems a choice of browser in a ballot screen, and the same day that the company [href="http://www.expertreviews.co.uk/utilities/276175/microsoft-follows-browser-ballot-with-ie8-porn-mode-tv-ads" target="_blank"]resorted to TV ads[/a] to push IE8 as the best browser.

Author: David Ludlow

Get more reviews, tutorials and in-depth advice, every month with Computer Shopper.
Click here to try 3 issues for £1

< Previous News : Internet security Next >

Be the first to comment on this article

You need to Login or Register to comment.