DV Hardware - bringing you the hottest news about processors, graphics cards, Intel, AMD, NVIDIA, hardware and technology!

   Home | News submit | News Archives | Reviews | Articles | Howto's | Advertise
DarkVision Hardware - Daily tech news
January 21, 2018 
Main Menu
News archives

Who's Online
There are currently 65 people online.


Latest Reviews
Arctic BioniX F120 and F140 fans
Jaybird Freedom 2 wireless sport headphones
Ewin Racing Champion gaming chair
Zowie P-TF Rough mousepad
Zowie FK mouse
BitFenix Ronin case
Ozone Rage ST headset
Lamptron FC-10 SE fan controller

Follow us

Windows hit by zero-day MHTML flaw

Posted on Monday, January 31 2011 @ 18:04:53 CET by

Microsoft issued a warning for a newly discovered security vulnerability which affects the MHTML component of Internet Explorer. The flaw could be abused to inject code to be run in the same security context as Internet Explorer. All versions of Windows including Windows 7 are affected, the vulnerability is not thought to be under active exploitation but sample attack code was recently published in a Chinese-language security magazine.
According to Microsoft's recently-published Security Advisory, the vulnerability exists due to the manner in which MHTML interprets certain MIME-format requests for portions of a document. By modifying the requests in a certain way, an attacker can inject code to be run on the client's system in the same security context as Internet Explorer.

The company warns that the flaw is capable of spoofing website content, disclosing information from the victim's computer and interacting with websites without user-input.
Microsoft has not yet decided whether an update will be provided through the monthly release process or an out-of-cycle update. Temporary fixes are described at Microsoft's website.

Source: Bit Tech



DV Hardware - Privacy statement
All logos and trademarks are property of their respective owner.
The comments are property of their posters, all the rest © 2002-2017 DM Media Group bvba