subject: Flaws Identified in an Internet Browser. Researchers with Security Certifications May Pre-empt Threats [print this page] Flaws Identified in an Internet BrowserFlaws Identified in an Internet Browser. Researchers with Security Certifications May Pre-empt Threats
Internet browsers are susceptible to vulnerabilities caused by coding errors and design flaws. As such, they witness repeated attacks from hackers. Lack security practices by individual users may also infect an Internet browser. Vulnerabilities have been reported time and again in all major Internet browsers such as Internet Explorer, Mozilla firefox and Google Chrome.
Recently, security researchers identified flaws in Internet Explorer, which facilitates hackers to gain remote access to the affected computers. The security flaw has been identified as zero day vulnerability. The vulnerability is associated with the HTML parsing engine of the Internet Explorer. The security flaw materializes when the parsing engine processes the import rules of cascading style sheet on a webpage. The vulnerability causes memory error in the HTML parsing engine. Attackers can misuse the vulnerability to install malicious code into the webpage through a specially crafted webpage. Usually, ethical hacker certified personnel identify vulnerabilities and report to software developers and vendors of security products to prevent their misuse by cybercriminals. In this case, the exploit was reported by researchers of an IT security firm.
Researchers at Microsoft have acknowledged the existence of the vulnerability and are currently investigating the prospects for issuing a security patch. Microsoft usually issues patch on the second Tuesday of every month. The identified vulnerability affects Internet Explorer 8 on Windows XP Service Pack3, Windows Vista Service Pack 2 and Windows. Internet Explorer 6 and 7 are also vulnerable to the security flaw on Windows XP service pack 3.
One of the challenges faced by organizations is identifying the appropriate patches for software applications and devices. Professionals holding IT security certifications can pre-empt threats by constantly monitoring the systems, network and user activity and identifying the security holes before the hackers.
In the recent past, hackers targeted financial portals through SQL injection attacks. Hackers also exploit vulnerabilities to insert malicious links on a web page, which redirect to a fake website. Threats in the cyberspace are proactive in nature. Organizations do not have the option to self-pace their IT security program. Security professionals may benefit from iPad training program offered by some institutions to enhance their technical skill sets. Employees with updated skills can aid the organization in strengthening the defenses against threats in the Internet environment.
