CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
spacer spacer
image Beware!: Critical Flaws Found in IE image
Security Hole
Critical Flaws Found in IE
Will Microsoft break its monthly patch cycle to fix the new holes?
Scarlet Pruitt,
IDG News Service

A set of new security vulnerabilities have been discovered in Microsoft's Internet Explorer Web browser. If used together, these flaws could allow hackers to compromise user PCs, researchers warned Tuesday.


The five vulnerabilities have been reported in IE 6.0, although other versions may have been affected, according to a bulletin released by security company Secunia.

The scripting flaws could allow hackers to bypass security and compromise systems, giving them access to sensitive information and cross-site scripting, according to Secunia.


Critical Condition
The Copenhagen, Denmark, company has classified the vulnerabilities as extremely critical and is advising all IE users to disable Active Scripting or use another product.

If they care about Internet security, users should make sure to disable active scripting, Secunia Chief Technology Officer Thomas Kristensen said Wednesday.

Microsoft is currently investigating the new vulnerability reports but is not aware of any active exploits or customer impact at this time, according to a representative for Microsoft in the U.K.


Patch Process
Upon completion of its investigation, Microsoft may release a fix in its next monthly security update or an out-of-cycle fix if needed, the representative said.

However, Kristensen said he doubts that the software giant will break its monthly patch release cycle to address the issues.

I would be happy to see them break their cycle because it affects customers, but I doubt it, he said.

The security flaws were originally discovered by Chinese security researcher Liu Die Yu, who published the vulnerabilities and proof of concept evidence Tuesday.

The Microsoft representative said that the company is concerned that the new reports of vulnerabilities in IE were not disclosed responsibly, potentially putting computer users at risk.

The company advised users to download its latest IE cumulative patch, released November 11, while it looks into the new vulnerabilities.

Source: PCWorld
Posted on Thursday, 27 November 2003 @ 04:10:00 UTC by phoenix22 (883 reads)
[ Trackback ]		image

"Beware!: Critical Flaws Found in IE" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· Microsoft
· HotScripts
· W3 Consortium
· More about Security Hole
· News by phoenix22

Most read story about Security Hole:
Windows Media Player, Spyware and Trojan
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
144ppm 0.088s (0.006s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer