SEARCH :

The number of bugs in a chip is relatively proportional to the number of transistors - Bob Colwell, former Intel chief architect

Communications > Security

Microsoft ActiveX hole unofficially patched

Vole licked

By INQUIRER newsdesk

Tue Oct 03 2006, 16:12

MICROSOFT last week published a security advisory about a flaw in its ActiveX doobrey and said it would produce a patch by October 10th.

The vulnerability afflicts Internet Explorer 6 in all its Windows flavours and could allow attackers to take control of a system if a user is lured to a malicious website.

Bored of waiting for Vole to pull its paw out, spods at the Zeroday Emergency Response Team and security vendor Determina released unofficial patches for the flaw.

Zert is a collective of security researchers and programmers. The group says it plans to issue unofficial security updates when vulnerabilities surface that pose a serious risk to the public and/or the infrastructure of the Internet.

Its mates at Determina develop intrusion-detection software. The pair say their patch works on Windows 2000, XP and 2003 systems.

Microsoft doesn't like users applying unofficial patches and says they are likely not to have been tested sufficiently. And it makes them look bad. µ

L'INQ
ZERT

McAfee admits to flaws in its Saas Total Protection Allows execute code control and spam distribution Thursday, 19 January 2012, 12:18 PM Read more	Newly patched Safari flaws pose serious risks A proof-of-concept remote code execution exploit is available Thursday, 13 October 2011, 11:26 AM Read more
Adobe issues an emergency fix for Flash Player flaw But Microsoft should stop embedding Flash in Office files Thursday, 14 April 2011, 13:16 PM Read more	Microsoft fixes Pwn2own Internet Explorer hole Along with 63 other software vulnerablities Wednesday, 13 April 2011, 11:14 AM Read more
Adobe Flash Player is hit by zero-day attacks again A recurring case of deja vu Tuesday, 12 April 2011, 11:18 AM Read more	Apple updates Itunes for IOS 4.3, fixes security bugs Likely to still run horribly on Windows Thursday, 3 March 2011, 12:47 PM Read more

< Previous article| Next article >

Comments

There are no comments submitted yet. Do you have an interesting opinion? Then be the first to post a comment.

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

Oracle Developer Forms PL/

Lead Oracle Developer / Cob...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

Microsoft ActiveX hole unofficially patched

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review