"The patch, released last Wednesday, fixes a vulnerability in IE 5.5 and 6.0 in the browser's cross-domain security model. The software performs incomplete security checks when certain object caching techniques are used in Web pages.....
....Microsoft's original bulletin said that an attacker could not use the flaw to run code on a user's machine, and the vulnerability was rated "moderate." However, a Danish security expert, well-known for finding vulnerabilities in IE, disputed this claim, saying that the flaw could be used to execute code on vulnerable machines....
...As a result, the company upgraded the severity of the vulnerability to "critical," the most severe rating...."
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.