More security woes for Internet Explorer

During the month, a serious new flaw was discovered in Internet Explorer and within days of the announcement hostile sites were using the exploit to infect visitor’s PCs. The flaw related to the way Internet Explorer handled Web pages that contain non- standard calls to HTML objects using the createTextRange() method. According to MS [1], "System memory may be corrupted in such a way that an attacker could execute arbitrary code." Somewhat unusually, MS quickly acknowledged the flaw but still got users offside by stating that a fix would not be released until the next patch cycle due out on the 11th of April. In the interim they suggested all IE users turn off active scripting or switch to the IE7 beta which was not affected. Thankfully, a couple unofficial patches [2] were released by third parties. Following the incident numerous reports have been received of Firefox and Opera users admitted to hospital suffering from the effects of excessive laughter while some unconfirmed sources indicate possible fatalities in the Mac community from the same complaint. ;>)
[1] http://www.microsoft.com/technet/security/advisory/917077.mspx
[2] http://www.eweek.com/article2/0,1895,1943687,00.asp...

This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.



Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 10, Windows 8, Windows 7, Firefox, Internet Explorer, Google, etc. Join our 460,000 subscribers!

Enter your email above to receive messages about offerings by Penton, its brands, affiliates and/or third-party partners, consistent with Penton's Privacy Policy.
The Windows 7, Vol 3 (Excerpt)

Subscribe and get our monthly bonuses - free!

The Windows 7 Guide, Volume 3: Advanced maintenance and troubleshooting provides advanced tools for keeping Microsoft's premier operating system up and running smoothly. Get this excerpt and other 4 bonuses if you subscribe FREE now!

= Paid content

All Windows Secrets articles posted on 2006-04-20: