BitDefender issues fix for IE7 printing bug

By on

Security firm BitDefender claims to be the first to issue an update to protect against a new vulnerability in Microsoft's Internet Explorer 7..

Researchers issued a signature update to protect users against a flaw in the way IE7 parses web pages in preparation for printing.

The bug could allow a remote attacker to execute arbitrary code on a victim's machine if the victim tries to print a specially-crafted web page while including a table of links.

The vulnerability was discovered by independent security researcher Aviv Raffon, who also released proof-of-concept code.

"This exploitable vulnerability results from a combination of coding mistakes and sloppy security thinking," said BitDefender innovations product manager Alexandru Balan.

"The code has numerous bugs but it is also executed in a lower-security context than it should be and the combination opens a way for hackers to compromise a system."

BitDefender researchers warned that the exploit is well-suited for use in targeted attacks.

The firm advised all users of Internet Explorer to refrain from printing web pages with the 'Print Table of Links' option enabled until a fix is released.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?