Digital Edition

SYS-CON.TV
eEye Practises "Responsible Disclosure" Over Newly-Discovered IE Vulnerabilities
"Remote Code Execution" Possible from Anywhere on the Internet, Says Expert

Two new bugs, one reported to Microsoft 19 days ago and the other reported 6 days ago, have been discovered in Internet Explorer, Outlook and additional miscellaneous MS titles. The company responsible for the discovery, eEye Digital Security - under its "responsible disclosure" policy - won't be disclosing any precise information to third parties until Microsoft releases an advisory or patch.

In very general terms, both vulnerabilities, which eEye rates as "High" in terms of their severity, are vulnerabilities "in default installations of the affected software that allows malicious code to be executed, contingent upon minimal user interaction."

All versions of Windows NT 4.0, Windows 2000 and Windows XP are affected, says eEye, whose spokesman Marc Maiffret says the vulnerabilities can be exploited to break into systems from "anywhere on the Internet" - hence their severity.

About Security News Desk
SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seems likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.

In order to post a comment you need to be registered and logged in.

Register | Sign-in

Reader Feedback: Page 1 of 1

The sole fact of saying there is something wrong is a disclosure.




ADS BY GOOGLE
Subscribe to the World's Most Powerful Newsletters

ADS BY GOOGLE

SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 1...
Andi Mann, Chief Technology Advocate at Splunk, is an accomplished digital business executive with e...
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point wh...
Dynatrace is an application performance management software company with products for the informatio...
Today, we have more data to manage than ever. We also have better algorithms that help us access our...
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018,...
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing w...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear...
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news an...
Enterprises are striving to become digital businesses for differentiated innovation and customer-cen...
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | ...
Consumer-driven contracts are an essential part of a mature microservice testing portfolio enabling ...
To Really Work for Enterprises, MultiCloud Adoption Requires Far Better and Inclusive Cloud Monitori...
Adding public cloud resources to an existing application can be a daunting process. The tools that y...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can ...