Forum latest

IE Active Scripting Exploit 'In The Wild'
General
Written by Gizmo   
Tuesday, 06 December 2005 06:57

An unpatched vulnerabilty in IE that has been know to exist since May has been exploited, according to security firm Sophos.  Originally, Microsoft believed the vulnerability would only cause the browser to crash.  Last week it was confirmed that the vulnerability had been exploited by code in the wild.  More from ZDNet can be found here.

Until the vulnerability is fixed, concerned users are advised to disable Active Scripting in Internet Explorer.  To do this, go to the 'Tools' menu, and select 'Internet Options'.  In the 'Internet Options' dialog that opens up, select the 'Security' tab, and click on the 'Custom Level...' button.  This will bring up the 'Security Settings' dialog.  Go all the way to the bottom of the dialog and then scroll back up until you see the 'Active Scripting' setting (should be one page up, right below the 'Scripting' settings group).  Change this setting to either 'Disable' or 'Prompt'.  Click 'Ok' and restart your browser.

Note: these instructions are for IE 6.  Other versions of IE should be similar.

Comment in the forums

 
Don't Click Here Don't Click Here Either