Major unpatched bugs found in Microsoft Internet Explorer

Extremely critical

By INQUIRER staff

Tuesday, 8 June 2004, 17:01

* CORRECTION Secunia emailed to say that it made a mistake in describing one of the bugs as a variant of "ms-its". It is, it said, a variant of the HTTP header location vulnerability. Its advisory bulletin has now been updated with that info. Ed.

SECUNIA REPORTED what it described as an "extremely critical" bug in Internet Explorer.

The firm said two vulnerabilities, in combination with other known problems, can allow people to gain access to your computer system from a remote location.

It said it has tested the bugs against a fully patched version of IE 6.0, which are a variant of the "ms-its:" local resource access vulnerability and another cross zone scripting error that allows remote users to execute files on local machines.

Secunia says the bugs are being actively exploited in the wild. One way to stop possible attacks is to disable active scripting support for all but trusted web sites, and to remove support for the "ms-its:" URL handler.

Secunia's bulletin is here, while there's a full description on the Full Disclosure web site. µ

Microsoft tells users how to prevent IE zero day attacks Fire in the Vole! Friday, 12 December 2008, 15:01 PM Read more	Mozilla Foundation tackles Firefox bug Javascript vulnerability Wednesday, 15 July 2009, 10:42 AM Read more
Google Chrome glitch patched Feeling vulnerable Friday, 24 April 2009, 10:11 AM Read more	Javascript debugging Three ways to edit and debug Javascript code Friday, 7 August 2009, 10:14 AM Read more
Microsoft warns of a security hole The Vole hasn't fixed it yet Tuesday, 7 July 2009, 09:36 AM Read more	Microsoft cock-up lets hackers in Powerpoint vulnerability Monday, 6 April 2009, 13:43 PM Read more

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

Most read
Most commented
Most popular

INQ Whitepapers

Will you be buying a new computer this Christmas?

Yes, a new computer will be under the tree

Yes, a netbook will fit my stocking nicely

No, but will be upgrading some components / building my own

No, my computer works fine if I change the oil often enough

Bah humbug, I'll wait for the January sales to decide

View other polls

©Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Search for a job:

Recruitment Agency A-Z Directory: All
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Major unpatched bugs found in Microsoft Internet Explorer

Share this:

Business Intelligence Software

Customer Relationship Management (CRM)

Enterprise Accounting Software

Enterprise Resource Planning (ERP)

Enterprise Systems Management

C DEVELOPER - OO DESIGN PA

C Java banking Finance Deve...

Read more

AUDIT - RISK ANALYST - MAR

Audit Risk Governance Marke...

Read more

IT/Report Presentation Spe

Leading Research Consultanc...

Read more

Senior Software Engineer C

My Client now needs a Senio...

Read more

IT Support Technician - 30

WORKING FOR A FIRM OF SOLIC...

Read more