Microsoft once again warned IE security vulnerabilities to become targets

  

March 10th news, according to foreign media reports, Microsoft warned that a new security vulnerability in IE 6 and IE 7 browser has become the target of the attack. As part of the patch Tuesday, Microsoft has patched eight security vulnerabilities in Windows and Office software.

Microsoft said the security patch KB981374 has fixed a secret disclosure security vulnerability. This security vulnerability allows an attacker to take control of a user's computer if the user visits a malicious website.

Microsoft said in a security bulletin that the IE browser protection mode in Windows Vista and later versions of the Windows operating system helps limit the impact of this security vulnerability because of the attacker who successfully exploited the security vulnerability. Permissions on this system are limited. By default, IE on Windows Server 2003 and Windows Server 2008 operating systems runs in restricted mode, which is an enhanced security setting. This mode sets the security level of the Internet zone to high. This will alleviate the risk of sites that you have not added to the IE Trusted Sites area.

This security bulletin also provides measures to bypass this vulnerability. Microsoft recommends that IE 6 and IE 7 users upgrade to IE 8 immediately.

Andrew Storms, security operations manager at nCircle, said that this is the second time Microsoft has issued a warning about a new IE zero-day attack security vulnerability in three months. The last time Microsoft released this warning was in January of this year. Microsoft disclosed that attackers attacked Google and other companies with IE security breaches at the end of last year.

The first security patch released by Microsoft in March is MS10-016. This patch fixes a security vulnerability in the Windows Movie Maker program. If a user opens a maliciously crafted Movie Maker project file, an attacker can exploit this vulnerability.

The second security patch released by Microsoft is MS10-017. This patch fixes security vulnerabilities affecting all current supported versions of Microsoft Office Exce and Office 2004 and Office 2008 for Mac, Mac system open XML file format converters, supported versions of Excel viewer and SharePoint 2007.

Microsoft also re-released the security patch numbered MS09-033. This patch fixes a security vulnerability in Microsoft Virtual PC and Microsoft Virtual Server. Software affected by this security vulnerability has also added Microsoft Virtual Server 2005.



Copyright © Windows knowledge All Rights Reserved