Internet Explorer 8 Under Threat in India: Cyber Agency - The New Indian Express

Internet Explorer 8 Under Threat in India: Cyber Agency

Published: 27th May 2014 05:28 PM

Last Updated: 27th May 2014 05:28 PM

NEW DELHI: Cyber security sleuths have alerted Indian users against a "high" level virus activity in a select version of popular Microsoft-owned web browser – the Internet Explorer.

The vulnerability, which once activated may compromise the privacy of a user's computer system, has been detected in the Microsoft Internet Explorer version "8" by the Computer Emergency Response Team of India (CERT-In), the country's nodal agency to combat hacking, phishing and to fortify security-related defences of the Indian Internet domain.

The severity of the malfunctioning has been categorized as "high" by the agency.

"A use-after-free vulnerability has been reported in Microsoft Internet Explorer (version 8) which could allow an unauthenticated remote attacker to execute arbitrary code on a target system.

"The vulnerability exists due to improper handling of CMarkup objects within "CMarkup::CreateInitialMarkup". An unauthenticated, remote attacker could exploit this issue by enticing a user to view specially crafted HTML document triggering a memory corruption," the advisory said.

It added that the successful exploitation of this malfunctioning "could allow the attacker to execute arbitrary code on the system with the privileges of the targeted user."

"This essentially means that if the malfunctioning gets activated it could harm the privacy and private information of the users' computer," a cyber security official said.

The agency has asked Internet users to upgrade their Microsoft Internet explorer to version "11".

Some of the other counter-measures suggested by the agency include deploying and configuring the Microsoft Enhanced Mitigation Experience Toolkit (EMET) for Internet Explorer, setting the Internet security zone to "high" to block ActiveX controls and active scripting and configuring Internet Explorer to prompt before running active scripting or to disable active scripting in the Internet and local intranet security zone.

comments powered by Disqus

Disclaimer: We respect your thoughts and views! But we need to be judicious while moderating your comments. All the comments will be moderated by the NIE editorial. Abstain from posting comments that are obscene, defamatory or inflammatory, and do not indulge in personal attacks. Try to avoid outside hyperlinks inside the comment. Help us delete comments that do not follow these guidelines.


Read More


Astrology


follow us Mobile Site iPad News Hunt Android RSS Tumblr Linekin Pinterest Youtube Google Plus Twitter Facebook