Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Microsoft / Internet Explorer

Internet Explorer

IE8 Beta 2 Exploits Hosted on Adult Content Websites

Claims Microsoft

By Marius Oiaga, Technology News Editor

16th of December 2008, 12:48 GMT

Adjust text size:


Internet Explorer
Enlarge picture
Expanding the concept of user protection beyond the traditional meaning associated with browser security, Microsoft warned that surfing adult content websites with Internet Explorer could expose users to attacks involving exploits of a yet unpatched vulnerability in all supported versions of IE, including IE8 Beta 2. The Redmond company informed that the exploit was associated not only with adult content, but also with legitimate websites that had been taken over by attackers.

“Some legitimate websites were maliciously modified to include the exploits. For example, a popular search engine in Taiwan was found to be hosting the exploit. Luckily, that site was quickly cleaned. Secondly, we’ve noticed some pornography sites have started hosting these exploits too: We recently found a web site in Hong Kong that serves various content including adult entertainment,” Microsoft's Ziv Mador and Tareq Saade explained.

As of December 12, 2008 Microsoft confirmed that all versions of Internet Explorer were impacted by the exploits targeting the 0Day (Zero Day) vulnerability affecting the XML parsing engine and the library MSHTML.DLL. The Redmond company explained that the security flaw was caused by an invalid pointer reference residing in the data binding function of IE.

According to the Redmond company, only Internet Explorer 7 on all supported versions of the Windows operating system is under attack. However, all IE releases are vulnerable, including Internet Explorer 8 Beta 2 running on Windows Vista SP1, Windows XP SP3, and Windows Server 2008. Microsoft did not indicate in any manner if users of Internet Explorer 8 Beta on Windows 7 were also at risk.

“Based on our stats, since the vulnerability has gone public, roughly 0.2% of users worldwide may have been exposed to websites containing exploits of this latest vulnerability. That percentage may seem low, however it still means that a significant number of users have been affected. The trend for now is going upwards: we saw an increase of over 50% in the number of reports [on December 13] compared to [December 12],” Mador and Saade added.

TAGS:

 IE8 Beta 2 | Internet Explorer 8 | exploit | IE7 | vulnerability
Read by 2,035 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
NOT RATED 0 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Critical 0Day Vulnerability in IE8 Beta 2 and IE7 on Vista SP1 and XP SP3

Download Vista SP1 and XP SP3 Security Release ISO Image December 2008

Microsoft Patches Critical Vista SP1 and XP SP3 Vulnerabilities

Internet Explorer 8 Beta 2 Safe from IE7, IE6, and IE5 Critical Vulnerabilities

Microsoft Warns of New Vista SP1 and XP SP3 Critical Vulnerabilities

Update Windows 7 Pre-Beta to Play Nice with NTFS External Drives

Vulnerable Windows Machines Sitting Ducks for the Conficker Worm

Office 2007 Service Pack 2 More Secure than SP1

User opinions:


Comment #1 by: Joel on 16 Dec 2008, 16:43 GMT reply to this comment

The blog post doesn't mention IE8 beta 2 exploits. This article is wrong.

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive