During the Fourth of July weekend, Microsoft released a patch for Internet Explorer, MS’s web browser. The patch was designed to thwart a security hole that would allow malicious code to be spread from IE to the user’s computer.
According to News.com, the flaw was an Active X scripting component. To fix this flaw, Microsoft designed the patch to remove the ability of Active X from writing to the hard drive.
Though the “fix” can be considered temporary, Stephen Toulouse, security program manager for Microsoft’s security response center said, “It is a permanent change, but it is an interim step–we are still in the middle of our investigation. We have taken a look at the functionality in the product and seen that that functionality is really being used by attackers.”
The hole allowed malicious sites to infect unpatched computers with a Trojan virus. The most common viruses used were Download.Ject and JS.Scob.Trojan. This and several other security flaws with IE have caused computer security experts to recommend other web browsers.
The security hole in question has been an issue with Microsoft for close to 9 months.
Chris Richardson is a search engine writer and editor for murdok. Visit murdok for the latest search news.
