Microsoft has confirmed that a newly discovered Internet Explorer bug could allow an attacker to take control of an affected system. 

The vulnerability is caused by an error in the way that the browser processes the 'createTextRange' method call on a radio button.

Security firm Secunia issued its second highest security rating of 'highly critical' for the bug in an advisory

Microsoft said that users can protect themselves by turning off Active Scripting, and stressed that users should limit their browsing to trusted websites.

The bug report comes just 24 hours after Dutch programmer Jefferey van der Stad disclosed on his blog that Microsoft had confirmed that he had found vulnerability in Internet Explorer 6. 

The security hole allows the browser to execute HTA files without users' permission.

Microsoft told the programmer that a patch will be issued as part of the firm's next patch release on 11 April.

On Monday, details surfaced of yet another Internet Explorer security hole. This one could be used to crash the browser by using more than 94 event handlers in an HTML tag. The Secunia advisory rates the bug as 'not critical'.

More stories on these topics:
Permalink  Comments  Forward
what do you think?
Click here for more Post your comment
Click here for more Send an email to the Computing editor at feedback@computing.co.uk
Reader comments for this story
Post your comment Post your comment   What is this?
Like this story? Spread the news by clicking a link:   Post this to Delicious del.icio.us     Post this to Digg digg this     Post this to reddit reddit!

related content
latest news
The MoD
Communications
BulletNAO: £7.1bn MoD scheme running late
Scheme has already delivered important benefits but first phase is 18 months late  04 Jul 2008
Cloud
Internet
BulletCloud-based email will surge in "fundamental restructure"
Storm approaching email market as clouds gather on SaaS provision  04 Jul 2008
Sainsbury's logo
Retail
BulletSainsbury’s web site down again
Retailer suffers from web downtime for the second time in a month  04 Jul 2008
Click here for more More news
latest in depth
easyjet aircraft
Transport
BulletEasyJet reviews IT processes
Cutting fuel costs and improved services high on airline’s agenda  03 Jul 2008
Williams F1 cars
Communications
BulletWilliams F1 drives through changes
Formula 1 team uses a virtual private network to exchange strategic data with its UK factory  02 Jul 2008
Gavel
Internet
BulletRelaxed domain laws may fuel legal costs
Experts warn that changes could tempt new cyber-squatters  02 Jul 2008
Click here for more More in depth

Advertising Marketplace

Sponsored links

Featured jobs

Network Analysts
United Kingdom | MI5 Security Service
Network Analysts Working for MI5 you will use your expertise to protect the UK from terrorism, espionage and other threats to national security. You'll be joining a team that provides essential technical analysis and capability ... more >
Business Development Manager (IT & Comms)
Manchester, United Kingdom | Peel Communications Limited
  Business Development Manager (IT & Comms), Manchester, (£35k)with Company Car, Healthcare & Pension. Additional team bonus subject to performance and Manager discretion. A leading property and transport Group with multi-purpose developments throughout the UK ... more >
Software Developer/SQL Specialists
United Kingdom | MI5 Security Service
Software Developer/SQL Specialists Working for MI5 you will use your expertise to protect the UK from terrorism, espionage and other threats to national security. You'll be joining a team that provides essential technical analysis and ... more >
Exchange Engineer
Newcastle, Tyne And Wear, United Kingdom | EDS
About EDS EDS provides a broad portfolio of business and technology solutions to help its clients worldwide improve their business performance. EDS' core portfolio comprises information-technology and business process outsourcing services, as well as information-technology ... more >
Click here for more  More job opportunities