One of the three Internet Explorer browser security vulnerabilities reported last week could now be used by remote attackers as a result of exploit code now circulating on the internet.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
The exploit code is said to give novice hackers an easy way to use the "createTextRange ()" flaw in Internet Explorer that was reported at the end of last week.
So far no exploit code has appeared on the internet for the two other flaws in IE that were reported last week.
The rogue code could now be used by remote attackers to take over users’ machines. The code can be used to attack users’ machines when they point their browsers at malicious websites taking advantage of the vulnerability.
Microsoft is said to be working on a fix for the flaw, along with patches for the other two reported bugs.
The next scheduled release date for Microsoft security patches is 11 April, although the company may consider issuing an earlier patch if there is evidence that the exploit code that is circulating is a serious threat to users.