Delmarva Group, LLC

Microsoft security advisory says IE's Protected Mode will protect users, if it's enabled

Microsoft warned on Wednesday that a flaw in its Internet Explorer browser gives attackers access to files stored on a PC under certain conditions.

"Our investigation so far has shown that if a user is using a version of Internet Explorer that is not running in Protected Mode an attacker may be able to access files with an already known filename and location," Microsoft said in a security advisory.

[ Learn how to secure your systems with Roger Grimes' Security Adviser blog and Security Central newsletter, both from InfoWorld. ]

The vulnerability requires that an attacker knows the name of the file they want to access, it said.

The disclosure is the latest security problem to affect IE. Last month, an undisclosed vulnerability in IE 6 was used in attacks that targeted more than 20 U.S. companies, including Google, which blamed China. The vulnerability has since been fixed by Microsoft.

The attacks led Google to announce last week that it would phase out support for IE 6, starting with Google Apps and Google Sites in March.

To read the full, original article click on this link: IE flaw gives hackers access to user files, Microsoft says | Security Central - InfoWorld

Author: Sumner Lemon