Discovered a 0-day vulnerability in Internet Explorer 6, 7, 8 and 9

Despite the improvements Microsoft has made to your browser, are still finding bugs in Internet Explorer. The latter has been discovered a few days ago, a 0-day vulnerability that allows an attacker to run code on your computer, even without administrator permissions.

The vulnerability affects all versions of Internet Explorer on all operating systems, except Internet Explorer 10. For a computer to be attacked, have to visit a specially crafted web, I would download code to the computer and then run this ruling advantage.

As commented above, is a 0-day vulnerability, which means that already being actively exploited. De facto, I have found following a exploit vulnerability related to another (also 0-day) I am a Java SE 7 that was uncovered few days ago.

Microsoft is already aware of the vulnerability, but have not clarified whether the patch will appear as soon as you have or one of its patch tuesdays, releases of patches that make each month. While, sure you have the updated antivirus and not to visit strange sites to avoid being infected.




SOURCE: / security / vulnerability-una-pool-0-day-en-internet-explorer-6-7-8-y-9