by Playfuls Staff |
21st March 2006
A newly reported bug in version 6 of Internet Explorer is now undergoing thorough investigations. According to Microsoft, the recently discovered flaw could cause the browser to crash when viewing a web page which contains malicious code. [more]
"This might not come as a surprise, but there appears to be a very interesting and apparently very much exploitable overflow in Microsoft Internet Explorer" wrote researcher Michal Zalewski when giving more details of the security weakness on a popular security mailing list last week.
In an advisory published on Monday, Secunia warned that the flaw can be exploited by an attacker to crash Internet Explorer and deemed it as "not critical". The vulnerability has been confirmed on a fully patched PC running Internet Explorer 6 and Windows XP with Service Pack 2, the security monitoring company said.
Microsoft is investigating the issue, a company representative said in an e-mailed statement.
"At this time, we are not aware of any attacks attempting to use the reported vulnerability", the representative wrote.
Once it completes its inquiry, Microsoft said, it may issue a security advisory or provide a patch through its monthly release process.
