Microsoft Releases “Fixit” for MHTML Script Injection Vulnerability ~ Ilmu Komputer & Software Gratis

Friday, September 16, 2011

Microsoft Releases “Fixit” for MHTML Script Injection Vulnerability

Friday, September 16, 2011 ilmu-reparasi-komputer No comments

Recently Microsoft released Security Advisory 2501696 to alert customers to a publicly disclosed vulnerability in the MHTML protocol handler. This vulnerability could allow attackers to construct malicious links pointing to HTML documents that, when clicked, would render the targeted document and reflected script in the security context of the user and target location. The end result of this type of vulnerability is script encoded within the link executed in the context of the target document or target web site. By default, the MHTML protocol handler is vulnerable on Windows XP and all later supported Windows versions. Internet Explorer is an attack vector, but because this is a Windows vulnerability, the version of IE is not relevant.

To fix this vulnerability, download following "Fixit" solution to enable the Network Protocol Lockdown for mhtml: for all security zones:
Download Link
More Info

Posted in: troubleshooting

Ilmu Komputer & Software Gratis

Friends

Friday, September 16, 2011

Microsoft Releases “Fixit” for MHTML Script Injection Vulnerability

0 comments:

Post a Comment

Followers

Labels

Blog Archive

Total Pageviews

Popular Posts

Blogger Tricks

Blogger Themes

Download

Footer Widget 1

Footer Widget 2

Footer Widget 3