June 12, 2007
Internet Explorer is suffering from six vulnerabilities, five privately reported and one publicly disclosed, all of which are addressed in security bulletin MS07-033. Microsoft officials said June 12 that all but one of the IE flaws could allow system hijacking if a user were to visit a malicious Web page. One of the flaws allows spoofing and also requires a malicious Web page visit.
In all cases of possible remote code execution, users who have configured IE to have fewer user rights could be at less risk than those running IE with administrative rights. For one of the vulnerabilities—the spoofing problem—user interaction is required.
Powered by ScribeFire.