New security risk: “Internet Explorer turns your personal computer into a public file server”

January 25, 2010
by

New security risk: "Internet Explorer turns your personal computer into a public file server"It’s only a week until the Black Hat Conference, a security event where officials and hackers come together to either debate the industry or show off their skills. But while the event usually includes demonstrations of security gaps, one firm is already trailing a series of bugs in Internet Explorer.

Core Security Technologies says it has discovered a series of minor flaws in the browser which form a potentially lethal combination. If the firm is correct, a hacker could craft an infected Web page which exploits the flaws together to gain access to all data stored on the machine. In theory that could mean one click on a bogus link and you’re screwed.

Of course, it remains to be seen exactly how the exploits would work. You’d certainly imagine that either Windows itself, the Windows firewall, or independent security measures would mitigate the effects of these flaws.

The firm says it is working with Microsoft to limit the risks, though Microsoft hasn’t commented publicly about the issue yet. It will be interesting to see whether Microsoft was unaware of the flaws, or whether it had some or all of them classed as minor priorities and didn’t realize the severity of their combined effects.

Core says it isn’t sure whether or not hackers have already tried to exploit the problems. It will demonstrate how an attack might work during the Black Hat event which kicks off in Washington, D.C. next week. The presentation will have the somewhat striking title “Internet Explorer turns your personal computer into a public file server.”

Generally most legitimate security firms who make such demonstrations will either wait until a fix is ready, or will show how an attack would work in principle but won’t give enough details to allow a hacker to reproduce the attack in reality.

Black Hat was originally an annual event in Las Vegas but now takes place several times a year in a variety of locations worldwide.



Related Posts:

Posted in internet explorer, Security | 2 Comments » Read more from

2 Responses to “New security risk: “Internet Explorer turns your personal computer into a public file server””

  1. Ralph:
    January 25th, 2010

    Maybe it is time to start using another operating system as well?

  2. Victor:
    January 25th, 2010

    Or just not use Internet Explorer lol

Leave a Reply:


Recent stories

Featured stories

Archives

Copyright © 2012 Blorge.com NS