August 31, 2005 - (HOSTSEARCH.COM) - eWeek reported today on a newly found IE 6 security hole discovered by an independent security researcher who operates the SecurityProtocols.com website. Currently there is no patch and no workaround that will repair the security flaw. The flaw can allow a hacker to gain total access to a Windows XP 2 machine after a user simply visits a malicious website.
SecurityProtocols reports that, "If a user visits a malicious Web site, the [attack] code can be executed without them even knowing about it—there's no pop-up or crash screen."
Microsoft is scrambling to understand the flaw and come up with a fix before a hacker discovers it and starts taking over computers.
According to the eWeek report, “Windows XP SP2 users who also use Internet Explorer Version 6 have few options for protecting themselves from attacks that use the vulnerability. Changing the Internet Explorer security settings will not stop attack code from executing on affected systems, and firewall and host intrusion detection products that SecurityProtocols tested did not detect the exploit.”
