Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Patch update fails to capture explorer exploit.

Lumension Security : 12 July, 2007  (Technical Article)
Firefox and explorer users suffer zero day vulnerability after patch releases illustrating the need for more pro-active controls than simple patch application.
Despite Patch Tuesday, IT administrators are forced to turn their attentions to a zero-day exploit on Mozilla Firefox and Internet Explorer.

Paul Zimski, Senior Director of Market Strategy, comments:

"Patches aren't the only concerns that IT administrators have to worry about today with an active zero day exploit on the loose. The exploit affects Mozilla Firefox and Internet Explorer and could allow a hacker to execute arbitrary commands and take complete control of a user's system. While the flaw affects IE users, the risk is limited to those who already have Firefox installed. This flaw enables Firefox to call on other web resources and security researchers allege that the URI "firefoxurl:// is open to malicious code injection that could leave users at risk."

While Mozilla is currently working on a fix, organizations need to a proactive approach to mitigate risk to the network by alerting its users to be careful when browsing the web and only visit trusted sites. Companies should be handling active scripting inside the Java browser to limit users visiting infected sites. While there are three critical patches that IT administrators have to deal with today, companies should prioritize and deploy the fix immediately for this exploit when it's released."
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo