College Navigation

Information Technology News

High Risk Internet Explorer 7 Vulnerability

Published on: December 12, 2008

Note: This story may not be current. It is part of the IT News Archive, and exists as a historical document.

Using a webpage configured to take advantage of a newly reported vulnerability in Internet Explorer 7 (IE 7), hackers can possibly install programs; view, change, or delete data; or create new accounts with full user rights on a users machine.

So far, attacks have only been against computers running IE 7. However, Microsoft point out that versions 5, 6, and 8 Beta 2 are potentially vulnerable.

This vulnerability is currently being exploited on the Internet and there is no patch available at this time.

Currently known attacks cannot perform an exploit automatically through e-mail.

UH Information Technology has the following recommendations:

  • Install the appropriate vendor patch as soon as it becomes available after appropriate testing.
  • Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
  • Do not visit un-trusted websites or follow links provided by unknown or un-trusted sources.
  • Do not download or open files from un-trusted websites.

For more information, you can find the Microsoft TechNet article here .