Recently discovered vulnerabilities that have yet to be patched in the three most popular web browsers could turn the web into a treacherous and dangerous place, security experts warn.
 |
Source: Browser-help |
In a series of warning emails sent last weekend, detailed information about the latest vulnerabilities within Microsoft’s Internet Explorer (IE), Apple Computer’s Safari, and Mozilla’s Firefox was disclosed. While the vulnerabilities in Firefox and Safari could cause the browsers to freeze, the IE vulnerability could be exploited by hackers to attack unprotected computers, according to security firm Secunia.
Due to its severity, Secunia has classified the IE vulnerability as “Highly Critical.” Currently, it is confirmed that IE6 is affected by this vulnerability, but other versions may also be at risk. This vulnerability lies in the way IE handles HTML tags, allowing attackers to create a counterfeit website.
The warning from Secunia came just days after expert Tom Ferris revealed multiple unpatched vulnerabilities in Apple’s software, including the Safari browser. Moreover, earlier in April, Microsoft released a patch that addressed 10 vulnerabilities in IE, most of which were categorized as “critical.”
Microsoft is investigating the vulnerability recently discovered by Secunia, although they do not believe it is as severe as Secunia claims. Nevertheless, another reputable security firm, Symantec, has also confirmed that the aforementioned IE vulnerability could be exploited for hackers to run malicious code on vulnerable computers.
According to Secunia, Safari version 2.0.3 and Firefox version 1.5.0.2, the latest versions, both contain the flaw, although it is likely that other versions are also affected. Fortunately, the flaws in both browsers this time are not classified as “critical.”
As there are currently no patches available for these vulnerabilities, Secunia advises users to avoid accessing untrustworthy websites to prevent falling into the hands of hackers.
Thien Yi
