Security firms today revealed a "high risk bug" which sneaks malicious code onto a machine running Microsoft Internet Explorer (IE).
This latest vulnerability, which comes only a week after the uncovering of a separate flaw affecting IE's mail extenstions, centres on HTML-based emails.
HTML mails, which are effectively websites, could potentially run an embedded file attachment containing malicious code if a user previews the code using Outlook. The user would not even have to open the message to activate the code, according to security firm GFI.
The vulnerability is carried out through the use of an HTML content tag known as IFrame which is used to embed another frame, or web page, inside the main one. The embedded page would be responsible for loading or activating the malicious code.
GFI's chief executive Nick Galea told vnunet.com that Microsoft has released a patch to fix the vulnerability, available here, but added that filtering email at server level to remove potentially dangerous code such as the IFrame tag was the best way to combat the threat.
"HTML mail viruses are becoming more sophisticated and more difficult to detect and stop," said Galea. "The recently discovered vulnerability is a clear example of how dangerous HTML mail scripting can be. Exploits like this indicate that other such HTML viruses lie close ahead."
J1043+2408 was observed for more than 10 years, and its radio light curve exhibited a periodic signal repeating in about 563 days
Success of Unity's test flight means Virgin Galactic is now close to taking its first paying tourist into space
V3 puts the pro-level football GPS tracker through its paces, and asks if it's more than a gimmick
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth