Microsoft XML Vulnerability

Attackers are actively exploiting a vulnerability in Microsoft XML Core Services (MSXML) 3.0, 4.0, and 6.0. The flaw was disclosed earlier this month when Microsoft issued its scheduled security update. The company did not provide a patch, but did suggest workarounds, including a “Fix it” solution to prevent the flaw from being exploited on user’s computers.

The flaw, which is exploited through Internet Explorer (IE), is particularly dangerous because users need only visit compromised websites to become infected. At least two compromised sites have been detected: an aeronautical parts supplier and a medical company. Both are European companies.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: