Latest News

NBN Co expands ITOM transformation with event management

AMP is building out a new 'data brain'

Nokia to build mobile network on the moon

EU needs long-term plan to tackle 5G misinformation

Britain says Russia on cyber offensive to sabotage Tokyo Olympics

Vulnerability in Internet Explorer remains unpatched

By SC Australia Staff on Oct 13, 2009 10:47AM

Vulnerability in Internet Explorer remains unpatched

Flaw still exists one year after being reported.

Internet Explorer users are putting themselves and their PCs at risk to hacking with a simple ‘.txt' file.

ProCheckUp revealed that it is possible to give a hacker open access to a user's session by installing malware through a vulnerability in IE7 and IE8 that opens text files.

It claimed that JavaScript code can be added to the plain text file and remain undetected by Internet Explorer, and that this JavaScript code will allow the hacker to gain access.

Richard Brain, co-founder of ProCheckUp, said: “People have become accustomed and hence suspicious of the various file formats (Flash/Acrobat) used to carry out attacks, it still comes as a surprise that even the most benign file format (.txt) can also be used to attack computers.”

It claimed that the flaw has already been reported to Microsoft by GTalbot last year, but ProCheckUp discovered that this vulnerability is still active.

See original article on scmagazineuk.com

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, US edition

Tags:

code explorer flaw internet javascript security txt unpatched vulnerability

Partner Content

Four reasons to upgrade your business to fibre internet

Partner Content Four reasons to upgrade your business to fibre internet

The push to move Teams users to cloud telephony

Sponsored Content The push to move Teams users to cloud telephony

WhatsApp Business bot boosts revenue for small Coca-Cola retailers

Partner Content WhatsApp Business bot boosts revenue for small Coca-Cola retailers

Six digital strategy tips for a post-pandemic world

Partner Content Six digital strategy tips for a post-pandemic world

Sponsored Whitepapers

3 steps to a well-rounded cybersecurity plan

3 steps to a well-rounded cybersecurity plan

Learn IT Service Management (ITSM) best practises

Learn IT Service Management (ITSM) best practises

A Migration Guide For Businesses Switching Mobile Device Management Solutions

A Migration Guide For Businesses Switching Mobile Device Management Solutions

Plan your post-COVID security strategy

Plan your post-COVID security strategy

The Executive's Guide To The Future Of Work

The Executive's Guide To The Future Of Work

Events

Most Read Articles

Services Australia trials OCR on Centrelink claims

Services Australia trials OCR on Centrelink claims

Aussie Broadband lists on the ASX one week early

Aussie Broadband lists on the ASX one week early

Telstra hands digital credentials to 4.5m consumer customers

Telstra hands digital credentials to 4.5m consumer customers

Spotless hit by ransomware attack

Spotless hit by ransomware attack

Most popular tech stories