BetaONE will rise again!


 
  #1  
Old 15th Jan 05, 03:00 AM
NewsBot's Avatar
NewsBot NewsBot is offline
Senior Member
 
Join Date: Oct 2004
Posts: 30,912
NewsBot will become famous soon enough
Three New Internet Explorer Vulnerabilities
Security outfit Secunia has news of further exploits for Microsoft's browser, Internet Explorer. Three new problems have come to light, all of them critical, and all of them having potential to do serious damage to Internet Explorer users.

The first problem relates to IE not checking items that are dragged and dropped from the Internet zone to the local zone; IE fails to check for images or media embedded in HTML code. A website could place HTML code on a users system, which could subsequently execute code in the local zone. The second issue relates to IE's HTML help control; a specially crafted help (.hhk) file can execute potentially malicious code and could also execute local programs; this vulnerability can also by-pass the "Local Computer" zone lock down security feature in SP2. Finally, a bug in the way IE handles the "Related Topics" command in an embedded HTML Help control can be exploited to allow the execution of malicious code. For a more detailed explanation of the problems, see Secunia's advisory.

One Neowin reader notes a particularly nasty example of the potential these exploits have. Microsoft have yet to offer a patch for the problems. Internet Explorer users (including v5.x+, v6.x+) and XP users with SP2 installed are affected. Until Microsoft takes the browser problems seriously, one can only suggest that users jump ship and try something else. An Internet Explorer re-vamp in 2006 with Longhorn is fast becoming too far away for ever tiring web users.

News source: ieXbeta
Full story: View Here
 


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Internet Explorer Hit by Major XSS Bug NewsBot NeoWin News 0 17th Dec 04 04:00 PM
Internet Explorer Cumulative Update MS04-040 (KB889669) NewsBot NeoWin News 0 2nd Dec 04 10:30 PM
Microsoft Internet Explorer Two Vulnerabilities NewsBot NeoWin News 0 17th Nov 04 10:30 PM
Update for Internet Explorer 6 for XP Service Pack 2 NewsBot BetaONE News 0 3rd Nov 04 12:00 PM


All times are GMT +1. The time now is 05:01 AM.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.