Share
Via Gregg Keizer, Computerworld
Microsoft today warned Windows users of a new unpatched vulnerability that attackers could exploit to steal information and dupe people into installing malware.
In a security advisory issued Friday, Microsoft acknowledged that a bug in Windows' MHTML (MIME HTML) protocol handler can be used by attackers to run malicious scripts within Internet Explorer (IE).
(Full Article) Windows Flaw Allows IE Hack
Microsoft Security Advisory (2501696)
Vulnerability in MHTML Could Allow Information Disclosure
Microsoft recommends that users lock down the MHTML protocol handler by running a "Fixit" tool it's made available. The tool automates the process of editing the Windows registry, which if done carelessly could cripple a PC, and lets IE users continue to run MHTML files that include scripting by clicking through a warning.
The Fixit tool can be accessed from here:
Microsoft Security Advisory: Vulnerability in MHTML could allow information disclosure
About Black Knight
I am a computer repair technician with over 15 years experience and have been computer security and information privacy enthusiast for the last 4 years. I've helped literally thousands of individuals fix their issues by offering help through various blogs and Facebook pages. I like teaching myself and others new things, and believe in freely sharing knowledge.
No comments:
Post a Comment