Microsoft Corp. On Tuesday ascertained that a single extra character in its own coding is accountable for the bug that has enabled hackers to exploit its signature web browser Internet Explorer (IE) since earlier this month.
The announcement made by the software company has been in line with the similar discoveries brought forth by a pair of German researchers who analysed a flaw in a Microsoft-manufactured ActiveX control around three weeks ago.
The company has claimed an errant ampersand, “&”, responsible for the bug that paved way for carrying out exploits on IE web browser, Microsoft admitted in a blog post published at its Security Development Lifecycle (SDL) website.
A security program manager at Microsoft, Michael Howard, notified in his blog post that the typo actually corrupted the code of an ActiveX control employed by the web browser. The control was developed by using an older library of codes containing flaws, Howard admitted.
In order to address these flaws relating to ActiveX components, Microsoft has issued an emergency fix for IE, as well as for Visual Studio that use the same library of codes, referred to as Active Template Library (ATL).
Add Your Comment
Follow on Twitter
More Articles
News
Hot Topics
Office web is the latest addition to Microsoft's Office business suite and is set to be the company's most revolutionary version.
Microsoft's 14th version of its award winning, multi-billion dollar cash cow business suite, is the company's most ambitious to date.
Spotify is certainly one of the most popular online music websites in the world which is a feat for a service that was officially launched only in February 2009
Comments