Viruses/Worms News

Malware sites could target JScript flaws in Internet Explorer

Friday, September 11, 2009

Microsoft's September security update contains fixes for several vulnerabilities that security experts warn pose a threat to all versions of Windows using Internet Explorer (IE). Malware writers could exploit the IE flaws in drive-by download cyberattacks.

Of the five critical security vulnerabilities identified by Microsoft this week, four deal with security holes in IE’s JavaScript reader, which could allow maliciously crafted files on websites running JavaScript to infect a user's PC.

Andrew Storms, director of security operations at nCircle Network Security, said other security flaws got most of the initial attention, but the IE vulnerabilities have the most impact.

"Those are the big problem this month because they affect IE when the user is doing the normal thing on the computer - surfing the internet," Storms said, according to Computerworld.

Microsoft said the flaws exist in JScript 5.1 on Microsoft Windows 2000 Service Pack 4 and JScript 5.6, JScript 5.7 and JScript 5.8 on all supported releases of the Windows operating system - except Windows 7 and Windows Server 2008 R2.

If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system, Microsoft said.

ADNFCR-1765-ID-19357292-ADNFCR

Related News:

Researchers: Malware attackers reloading for Windows 7 assaults - 11.20.2009
A report issued yesterday by computer security firm Symantec says that hackers are undoubtedly reworking their malicious software to target Windows 7 as more users switch to the latest version of Microsoft's flagship OS.

Want to secure your iPhone against intruders? There's an app for that - 11.20.2009
Cisco Systems today released a free iPhone app that will allow users to receive security updates and the latest news on web threats, as well as aggregating additional security related content for iPhone users.

Microsoft says 64-bit versions of Windows are harder to infect - 11.19.2009
Members of Microsoft's security team write that 64-bit editions of Windows are much less susceptible to malware attacks, but outside experts caution that 64-bit malware could be the next big thing in cyber crime.

Google coming down hard on malicious advertisers - 11.18.2009
Search giant Google has said that it will lay down the law where scam artists and malvertisers are concerned: Permanent bans will be the result of any fraudulent activity on the company's AdWords service.

If at first you don't succeed: Most malware protection fails first round of certification testing - 11.17.2009
A study performed by security testing and research firm ICSA Labs says that almost four out of five computer security products fail their first certification tests and need to be retooled for a second and sometimes a third attempt.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now