Microsoft expands zero-day IE warning

By on
The security hole in Internet Explorer that went unpatched earlier this week is apparently more serious than originally believed, with Microsoft now saying the flaw affects all versions of the browser. In a revised security advisory the company spelled out the root of the problem, saying that the bug is in IE's data binding functionality and, contrary to earlier reports by independent security researchers, not in the HTML rendering code.

Microsoft is trying to get to the bottom of the issue but, in the meanwhile, is offered users some tips on how to prevent the zero-day attacks such as making sure their Internet security settings are set to “high” so that IE will prompt before running any ActiveX controls or active scripting. Additionally, the company is recommending users to disable active scripting altogether and enable Data Execution Prevention. Further details on how to stay safe are available here.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.