Disable Internet Explorer Active X support, turn off the "drag-and-drop" or "copy-and-paste files" option across a domain, or switch to another Web browser unless you want to face a Hack attack on your PC, warns the security firm Secunia. They have discovered three very critical flaws in the IE and have issued security notice on its website.
The company has rated the flaw as of a very high risk nature and has said that this is their last warning for people to secure their data. “The flaw affects IE 6, and can enable hackers to run pornographic dialers to be dialed from the user’s computer without their knowledge” said Thomas Kristensen, Secunia's chief technology officer. He said that only those flaws that can let someone manipulate user’s machine without user’s intervention get such high rating.
Even PCs with Microsoft's Service Pack 2 patch are vulnerable to be attacked.
The company has also said that Microsoft has been aware of this flaw for at least two months now but they have not yet come up with a security patch. The exploit code for one of the three vulnerabilities, a flaw in an HTML Help control, was already published on the Internet on Dec. 21.
Commenting on this Microsoft officials said that an incomplete patch can at times be worse than no patch at all. They want to thoroughly test the patch and it should be well engineered. This will take sometime
These flaws have made a big dent in Microsoft’s already battered image when it comes to security.
