The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,528 other followers

Posts Tagged ‘internet explorer versions’

Zero day vulnerability in mshtml.dll used by Internet Explorer 6, 7, 8 and 9, and many other products.

Posted by jpluimers on 2012/09/20

Summary:

  • Zero day vulnerability in mshtml.dll used by Internet Explorer 6, 7, 8 and 9, and many other products.
  • Resolution: Deploy EMET or stop using IE and other products using mshtml.dll until Microsoft delivers a patch.

Earlier this week a zero-day vulnerability in the mshtml.dll was made public. This DLL is used by almost all Internet Explorer versions (6-9 are vulnerable) and many other software products (almost anything from Microsoft and a lot of 3rd party software that displays a web page on Windows).

While Microsoft is building a fix that is to be released very soon now (probably tomorrow, Friday September 21st 2010), the official resolutions are not to use the mshtml.dll at all (impractical for many people), or deploy EMET (impractical too as it requires administrative privileges).

If you can, switch to a browser that uses a different layout engine than mshtml.dll (for instance browsers based on WebKit will do).

These pages are good starting points for more information:

Particularly interesting posts:

–jeroen

Posted in Internet Explorer, Power User, Web Browsers, Windows, Windows 7, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Vista, Windows XP | Tagged: , , , , , , , , | 8 Comments »

 
%d bloggers like this: