Blog

Rahul Thadani
Microsoft releases a Fix it solution to prevent Internet Explorer hijacking vulnerability
January 3, 2013

Internet Explorer flaw

Microsoft has successfully released a ‘Fix it solution’ for the recently discovered targeted attack, CVE-2012-4792. This attack was specifically targeted at users of Internet Explorer versions 6, 7 and 8. Users of Internet Explorer 9 and 10 were not affected.

The attack exploited a vulnerability that allowed an attacker to literally hijack a PC and gain remote code execution over an infected PC. This vulnerability could be exploited when Internet Explorer accessed objects in the memory that had been deleted (or improperly allocated) previously. Attackers had found ways to design websites that would exploit this vulnerability. However, they did need to use social engineering tricks to get victims to visit those pages in the first place. Additionally, malicious downloads and email attachments could also be manipulated to exploit this vulnerability. Once compromised, a machine could run arbitrary codes sent by the attacker from remote servers.

Microsoft has now released a Fix it solution for this issue, so troubled Internet Explorer users can rest easy. This solution is an out-of-cycle security update for the benefit of users and can be utilized with one single click. The update does not require a system reboot and it is not a replacement for any further security updates that Microsoft will release.

Ideally, users are advised to use Internet Explorer 9 or 10. Users who are constrained to older versions should use this security tool to prevent this exploit. Moreover, it is also recommended that they apply all OS and software updates, especially for their antivirus and system protection software.

Have something to add to this story? Share it in the comments.

Rahul Thadani
About Rahul Thadani
Rahul is a web enthusiast and blogger, and has been writing about the computer security industry for the last three years. Following the latest technology trends,...
Articles by Rahul Thadani »

6 Comments

Your email address will not be published.

CAPTCHA Image

  1. Thanks rahul for updating with the fixit released

    Reply
  2. Thank for the information provided

    Reply
  3. Amit manoj BasppaJanuary 4, 2013 at 3:52 PM

    Thanks rahul sir..

    Reply
  4. my phone is nokia e 63

    Reply
  5. Thanks for give useful information…

    Reply
  6. Thanks for given useful information..

    Reply