Information Technology News
High Risk Internet Explorer 7 Vulnerability
Note: This story may not be current. It is part of the IT News Archive, and exists as a historical document.
Using a webpage configured to take advantage of a newly reported vulnerability in Internet Explorer 7 (IE 7), hackers can possibly install programs; view, change, or delete data; or create new accounts with full user rights on a users machine.
So far, attacks have only been against computers running IE 7. However, Microsoft point out that versions 5, 6, and 8 Beta 2 are potentially vulnerable.
This vulnerability is currently being exploited on the Internet and there is no patch available at this time.
Currently known attacks cannot perform an exploit automatically through e-mail.
UH Information Technology has the following recommendations:
- Install the appropriate vendor patch as soon as it becomes available after appropriate testing.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Do not visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Do not download or open files from un-trusted websites.
For more information, you can find the Microsoft TechNet article here .