Secunia warns of fresh IE flaws

By Derek Sooman on
More IE holes are here, if you can believe that. These two new problems can affect users on fully patched Windows XP Service Pack 2 systems, so the potential for some sort of harmful exploit is therefore high.

"According to an alert from Secunia that carries a "moderately critical" rating, the holes can be exploited to bypass a security feature in XP SP2 and trick users into downloading malicious files."

"The problem is that if the downloaded file was sent with a specially crafted 'Content-Location' HTTP header in some situations, then no security warning will be given to the user when the file is opened.""

Microsoft has yet to confirm whether it believes the flaws to be genuine security holes, which it will do before releasing any kind of fix. Let's hope they decide soon, Secunia have also warned that a combination of the two flaws could be exploited by an attacker to trick a user into downloading a malicious executable file pretending to be an HTML document.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.