Microsoft Internet Explorer might not be the most popular browser and the latest four code-execution bug might be another reason for users to shy away from the browser.
“Researchers at an HP security division have publicly detailed four code-execution vulnerabilities that can be used to hijack end-user machines running the latest versions of Microsoft’s Internet Explorer browser,” according to Arstechnica.
“The disclosures earlier this week came more than six months after researchers from HP-owned TippingPoint first privately reported the bugs to Microsoft security engineers.”
The bug fixes have been revealed yet Microsoft still hadn’t fixed the issues. According to the report, the four bugs are a gateway for hackers to install and run malicious code on users devices, that are then activated when the user visits “booby-trapped” websites after installing the Internet Explorer patch.
“The vulnerability relates to how Internet Explorer processes arrays representing cells in HTML tables,” the corresponding TippingPoint advisory explained, according to Arstechnica.
“By manipulating a document’s elements an attacker can force a Internet Explorer to use memory past the end of an array of HTML cells. An attacker can leverage this vulnerability to execute code under the context of the current process.”
Between this hack and the Hacking Team breach Microsoft has their hands full in an age where hacking and malicious threats are becoming a growing problem. It’s pretty scary what the four bugs are capable of but there are plenty of other browsers that you can use just incase you happen to be a loyal Internet Explorer user.
Read the full story.