Microsoft releases fix for Internet Explorer flaw used in attacks

Feb. 20, 2014 at 7:46 PM   |   Comments

REDMOND, Wash., Feb. 20 (UPI) -- Microsoft says it's releasing a temporary workaround for a newly found flaw in Internet Explorer already being used in at least two targeted attack campaigns.

Two separate hacking efforts have been seen exploiting the bug in Internet Explorer 10, also present in IE9 but not earlier IE versions, that lets attackers remotely run code via malicious JavaScript, darkreading.com reported Thursday.

"At this time, we are only aware of limited, targeted attacks against Internet Explorer 10," Dustin Childs of Microsoft's Trustworthy Computing group wrote on a Microsoft blog. "This issue allows remote code execution if users browse to a malicious website with an affected browser. This would typically occur by an attacker convincing someone to click a link in an email or instant message," he said.

The released fix protects against the known attacks that exploit the bug, he said.

"Internet Explorer 11 is not affected by this issue, so upgrading to this version will also help protect customers from this issue," Childs said.

© 2014 United Press International, Inc. All Rights Reserved. Any reproduction, republication, redistribution and/or modification of any UPI content is expressly prohibited without UPI's prior written consent.
Recommended UPI Stories
Featured UPI Collection
Notable deaths of 2014 [PHOTOS]

Notable deaths of 2014 [PHOTOS]

FERC says sky isn't falling on grid security
Charge 'sharing' by electric cars could ease strain on power grid
Most Popular
Tropical storm Karina looks like the number 9 from space
Study explains why ER nurses do what they do
Fish can smell a bad coral reef
Latvia boasts world's first net for migrating bats
Seals, sea lions likely spread tuberculosis to humans
Trending News