Can IE Bug Do More Than Crash Browsers?
It's unclear whether the flaw could lead to drive-by attacks.
The vulnerability is caused by a "buffer overflow," a class of flaw that has plagued Internet Explorer in the past. In this case, the flaw allows an attacker to flood the browser with garbage data via a malformed HTML tag. The browser has not allocated enough memory to handle the unexpected data and responds by crashing.
Researchers are now investigating whether this flaw can also be used to inject malicious code into computers, which would allow attackers to remotely control or alter the contents of affected computers.
If so, it's possible that this flaw could allow attack code to enter computers when users simply visit a malicious Web site. There is currently no patch or workaround that can protect users from the fallout.
Sutton said that iDefense researchers have examined the flaw and believe that it is likely exploitable, but it's not clear whether the exploit will be reliable, as it involves memory corruption.
The flaw was discovered by Michal Zalewski, a Polish security researcher and the author of "Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks."