Just a few weeks since the last time Microsoft ran behind its Internet Explorer with a box of bandages, the Redmond giant is back with another Security Advisory (# 980088), warning users that the Internet this time Explorer could be used for sharing the contents of our entire hard drive with the Internet .
Presented and discussed through a sample of code as a mere “proof of concept” at the Black Hat DC conference by Jorge Luis Alvarez Medina from Core Security Technologies, the vulnerability requires the attacker to tell with just a name user and location (domain) valid for access through IE to the local files within the file system.
For a change, “Microsoft is not aware of attacks using the vulnerability in question” however, recommends users upgrade to the latest version of IE, and elaborate the reasons for and details involved in Exploit . The catalyst, again, is none other than the absence of the “Protected Mode” in IE, or use older versions of the browser without support for such functionality (in other words, anything from Internet Explorer 5.01 to IE6, IE7 and even IE8 on Windows XP and Windows Server 2003). IE7 and IE8 running in Protected Mode by default in Windows Vista, Windows Server 2008 and Windows 7, remained in these scenarios in a relatively secure .
If you have already convinced you upgrade your Internet Explorer installation, here are a couple of links that will be of help.
Get a Gravatar
Why don't you make one?