Another Security Flaw in Internet Explorer

Microsoft has admitted it is fixing another security bug in its Internet Explorer browser. The newly found bug affects all versions, but only if you're running in Windows XP or have the Internet Explorer Protected Mode turned off (by default this is on in Vista and Windows 7 so if you don't know what it means you've probably left it on!).

The flaw allows hackers to get at your hard drive but only for files that they know the filename. This isn't so good for the standard Windows files and so on, but they would have to guess your personal filenames to be able to steal the contents.

"Customers running Internet Explorer 7 or Internet Explorer 8 in their default configuration on Windows Vista or later operating systems are not vulnerable to this issue as they benefit from Internet Explorer Protected Mode, which protects from this issue," stated senior security communications manager Jerry Bryant on the Microsoft Security Response Centre blog.

He added, "Windows XP users, or users who have disabled Protected Mode, can help protect themselves by implementing Network Protocol Lockdown." I don't know what that means either but they have an automated fix available here!

This adds to the list of flaws in Internet Explorer, especially in version 6. If you're still using Version 6 make sure you upgrade to Internet Explorer Version 8 as soon as possible, or why not try out Firefox, or Google Chrome.