also @ TechSpot: iTunes 11.0.3 delivers revamped MiniPlayer, security fixes

Another IE security hole

By Derek Sooman

On November 4, 2004, 2:32 PM

Yes, that's right, another IE hole. US-CERT on Wednesday warned of another fresh hole in Internet Explorer that could allow attackers to take control of a PC via an HTML e-mail message or a malicious Web page. This one works by exploiting a heap buffer overflow, is in the way IE handles two attributes of the "frame" and "iframe" HTML elements. Furthermore, things are even more serious than usual now because exploit code has been published on public mailing lists. The bug has been confirmed on IE 6.0 on Windows XP with SP1 and all patches installed, as well as the same browser on a fully patched Windows 2000. No word yet on a patch from Microsoft.

No tags on this story

Post a comment

Post a new comment

Social Login & Guest Posting TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.
TechSpot on:

Most Popular

Trending Featured
More Trending Topics

Featured on Mice

Downloads and Drivers

Downloads   Drivers  

J. River Media Center 18.0.187

ComicRack 0.9.169

Ashampoo UnInstaller 5.03

Files Terminator Free 2.5.0.11

Advanced Host Monitor 9.50

More Downloads

Latest Discussion

Keep getting Windows not valid popup 23 replies on Windows OS

What game first got you hooked on gaming? 171 replies on Gaming

Have DOTA 2 keys to give (steam requiered) 8 replies on Gaming

Best possible quality DVD ripping? 5 replies on Software Apps

Bios update help 10 replies on Processors and Motherboards

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.