Microsoft tackles second Internet Explorer bug this week

News

Microsoft tackles second Internet Explorer bug this week

Antony Savvas

Microsoft is investigating the second security flaw discovered in its Internet Explorer browser this week.

The latest reported browser flaw could allow a remote attacker take over a user’s Windows-based computer.

The flaw has been reported to the company by Dutch programmer Jeffrey van der Stad, who published limited details of the flaw on his website.

The problem relates to the way Internet Explorer processes HTA files, which are used with web applications.

The reported vulnerability affects Internet Explorer 6 running on the Windows 98, Windows XP and Windows 2003 Server operating systems, according to van der Stad.

He says the bug could allow a remote attacker to run an HTA file without the affected user's permission.

Microsoft said it was investigating the issue and would consider issuing a security patch to address the potential problem at a later date. The company is not aware of any exploits of the bug in the wild.

Earlier this week, Microsoft said it was tackling a problem in IE6 that reportedly allowed remote attackers to run arbitrary code on affected users’ systems, once they had visited a malicious website.

Microsoft's next scheduled security patch release date is Tuesday 11 April.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy