[G3]-TechNews : Home| RSS | Atom | MSN | WAP

Article: Step-by-Step Guide: How to set up a VPN
Article: Download: Microsoft Monad (Beta)
Article: Building a 64-Bit Multimedia Workstation
Article: Coming Soon to Windows: The Microsoft Shell (MSH)
Article: How to Reset Win NT / 2000 / XP Administrator Password
Article: The Technology Behind Dual Core CPUs
Article: How-To: Wireless Network Security
Article: Article: PCI Express - technology backgrounder
Article: Tutorial: Access Hidden Files on Your iPod
Article: Troubleshooting drivers with XP's hidden Driver Verifier Manager
Article: How to Make a 5 in 1 Network Cable
Article: Comparison - Blu-ray & HD DVD
Article: Beginners Guides Linux : Part 1 | Part 2 | Part 3
Article: How To Crack WEP (Wired Equivalent Privacy)
Article: Email Addresses Spoofing.
Link: Free PHP ebook
Link: FREE ASP.NET books and eLearning course
Link: Free registration code for Opera 8.
Invitations: Gazzag (Here) | Yahoo! 360 (Here)  | Orkut (Here)

"Extremely Critical" Vulnerability in Internet Explorer 6.0 With XP Security Pack 2
Contributed by: G3nu1n3, at 1/10/2005 08:24:00 AM.

Security company Secunia has news of further exploits for Microsoft's browser, Internet Explorer. Three new problems have come to light, all of them critical, and all of them having potential to do serious damage to Internet Explorer users.

The first problem relates to IE not checking items that are dragged and dropped from the Internet zone to the local zone; IE fails to check for images or media embedded in HTML code. A website could place HTML code on a users system, which could subsequently execute code in the local zone.

The second issue relates to IE's HTML help control; a specially crafted help (.hhk) file can execute potentially malicious code and could also execute local programs; this vulnerability can also by-pass the "Local Computer" zone lock down security feature in SP2.

Finally the third, a bug in the way IE handles the "Related Topics" command in an embedded HTML Help control can be exploited to allow the execution of malicious code. For a more detailed explanation of the problems.

Microsoft have yet to offer a patch for the problems. Internet Explorer users (including v5.x+, v6.x+) and XP users with SP2 installed are affected.

Current solution: Use another product. (Firefox or Opera) til IE is patched.

Visit: Secunia Advisory

To Read MOST UPDATED News Items browse to HOME page.


Post a Comment

<< Home

[G3]-TechNews : Home| RSS | Atom | MSN | WAP

Archives :

- Monthly Archives :

- Post Count: 1,783 before June 1, 2005. (Since: October 26, 2004)