Microsoft tackles second Internet Explorer bug this week


Microsoft tackles second Internet Explorer bug this week

Antony Savvas

Microsoft is investigating the second security flaw discovered in its Internet Explorer browser this week.

The latest reported browser flaw could allow a remote attacker take over a user’s Windows-based computer.

The flaw has been reported to the company by Dutch programmer Jeffrey van der Stad, who published limited details of the flaw on his website.

The problem relates to the way Internet Explorer processes HTA files, which are used with web applications.

The reported vulnerability affects Internet Explorer 6 running on the Windows 98, Windows XP and Windows 2003 Server operating systems, according to van der Stad.

He says the bug could allow a remote attacker to run an HTA file without the affected user's permission.

Microsoft said it was investigating the issue and would consider issuing a security patch to address the potential problem at a later date. The company is not aware of any exploits of the bug in the wild.

Earlier this week, Microsoft said it was tackling a problem in IE6 that reportedly allowed remote attackers to run arbitrary code on affected users’ systems, once they had visited a malicious website.

Microsoft's next scheduled security patch release date is Tuesday 11 April.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy