TechSpot

Microsoft Ups IE Flaw to 'Critical'

By Phantasm66
Dec 9, 2002
  1. Have you seen that Internet Explorer cumulative patch offering itself to you recently? Maybe you had better think about taking it: Microsoft in their infinite wisdom have upped the security flaws that the patch addresses to "Critical" level.

    "The patch, released last Wednesday, fixes a vulnerability in IE 5.5 and 6.0 in the browser's cross-domain security model. The software performs incomplete security checks when certain object caching techniques are used in Web pages.....

    ....Microsoft's original bulletin said that an attacker could not use the flaw to run code on a user's machine, and the vulnerability was rated "moderate." However, a Danish security expert, well-known for finding vulnerabilities in IE, disputed this claim, saying that the flaw could be used to execute code on vulnerable machines....

    ...As a result, the company upgraded the severity of the vulnerability to "critical," the most severe rating...."


    More here.
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.