New Exploit Targets Older Versions of Internet ExplorerBy Lawrence Walsh | Posted 2009-11-23 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Symantec is reporting that a new CSS vulnerability is leaving users of Internet Explorer 6 and 7 vulnerable to malware infection via malicious and compromised Web sites. A patch isn’t available, and antivirus vendors are working on new detection signatures.
Symantec is reporting that older versions of Microsoft Internet Explorer are susceptible to a new attack against a vulnerability in its cascading style sheets (CSS). While a working exploit hasn’t been detected, Symantec suspects that it’s only a matter of time before hackers start actively using this new vulnerability with a full-functioning exploit.
According to Symantec, the CSS vulnerability affects versions 6 and 7 of the Microsoft browser. Exploits currently detected are unreliable, meaning that they don’t always work. However, when a working, full-functioning exploit is produced, Symantec says hackers will be able to inject malicious code into Web sites and stealthily infect PCs.