• Ballot Screen
  • Windows 7 Ultimate
  • Microsoft Windows Phone 7
  • Patch Management
  • Europe
  • Internet Explorer
  • Bing
  • Search
  • Yahoo
  • Windows 7 Home Premium
  • Microsoft Latest Hack Involves "Errant Ampersand"


    30 July, 2009, by Desire Athow

    Microsoft Corp. On Tuesday ascertained that a single extra character in its own coding is accountable for the bug that has enabled hackers to exploit its signature web browser Internet Explorer (IE) since earlier this month.

    The announcement made by the software company has been in line with the similar discoveries brought forth by a pair of German researchers who analysed a flaw in a Microsoft-manufactured ActiveX control around three weeks ago.

    The company has claimed an errant ampersand, “&”, responsible for the bug that paved way for carrying out exploits on IE web browser, Microsoft admitted in a blog post published at its Security Development Lifecycle (SDL) website.

    A security program manager at Microsoft, Michael Howard, notified in his blog post that the typo actually corrupted the code of an ActiveX control employed by the web browser. The control was developed by using an older library of codes containing flaws, Howard admitted.

    Article continues after advert

    In order to address these flaws relating to ActiveX components, Microsoft has issued an emergency fix for IE, as well as for Visual Studio that use the same library of codes, referred to as Active Template Library (ATL).

    Continued on next page Tags: Browsers, Hacking, Microsoft, Vulnerabilities
    Desire Athow
    Posted by
    Desire Athow
    on 30 July, 2009

    Désiré Athow is the Content Editor of ITProPortal.com and has been reporting on technology and telecommunication since 1999. You can follow him on Twitter.
    ITProPortal.com - Sponsored Section

    Featured Content

    1. The New Voice of the CIO. 158 CIOs in midsized businesses across 31 countries reveal their insights and vision for enhancing competitiveness over the next five years.

      Download Document

    Customer Case Studies

    1. How a wine wholesaler improved the flow of information
      Download full case study
    2. The server that made an entire university smarter
      Download full case study

    Videos

    Connecting in a smarter planet:

    Latest Tweets





     





    News Now Logo




    Forgot your password?