|
|
此文章由 viviancn 原创或转贴,不代表本站立场和观点,版权归 oursteps.com.au 和作者 viviancn 所有!转贴必须注明作者、出处和本声明,并保持内容完整
http://www.theage.com.au/technol ... 20110201-1abmd.html
我没找到那个temporaty fix的连接,不知道哪里可以下载这个补丁安装?Windows Update没那么快出来。找到的tz麻烦分享下,加分答谢。
Microsoft has warned that the 900 million users of its Internet Explorer browser are at risk of having their computers hijacked and their personal information stolen by hackers.
The company has yet to develop a permanent fix for the security hole but users are being told to apply a temporary fix that prevents hackers from exploiting a hole to install malicious scripts. Users could be targeted simply by visiting an infected website.
In a security bulletin, Microsoft said the flaw affected all versions of Windows and, although it had yet to encounter "indications of active exploitation of the vulnerability", the flaw was serious and it was aware of proof-of-concept code exploiting the issue.
Advertisement: Story continues below "The main impact of the vulnerability is unintended information disclosure," said Microsoft's Angela Gunn in an accompanying blog post.
"For instance, an attacker could construct an HTML link designed to trigger a malicious script and somehow convince the targeted user to click it. When the user clicked that link, the malicious script would run on the user's computer for the rest of the current Internet Explorer session.
"Such a script might collect user information (eg., email), spoof content displayed in the browser, or otherwise interfere with the user's experience."
Microsoft added that the flaw, in addition to disclosing user information, could result in the user's machine being taken over, allowing hackers to "take any action that the user could take on the affected website on behalf of the targeted user".
Microsoft said it was working on a security update to patch the flaw but in the meantime users should install the temporary fix. Users are only protected if they find and install the patch themselves as Microsoft has yet to deliver an automatic update.
Users of other browsers such as Google Chrome and Firefox are not affected.
Michael Sentonas, chief technology officer for security software maker McAfee, said in a phone interview that he believed hackers would exploit the hole "very quickly".
"As of late last week there was a proof-of-concept available in the wild which showed how this exploit code could work," he said.
"When that does happen typically you will find exploits in the wild very quickly after that so we're obviously monitoring that very closely to make sure that people are protected."
According to analytics firm Net Applications, Internet Explorer is still the most-used web browser with a 57 per cent market share, following by Firefox (23 per cent), Google Chrome (10 per cent) and Safari (6 per cent). |
|
种青菜 (2014-10-5) qld 
艳丽悉尼---摄影大拼盘 (2010-6-16) sinkai 
发表于 2011-2-1 12:02
发表于 2011-2-1 14:19
