Home › News › Industry News

codeBase vulnerability notes

On May 10, 2003, 12:27 PM

Over on Pivx Solutions they've made a post regarding the codeBase vulnerabilities in Internet Explorer, something which has been at the root of multiple vulnerabilities in the browser over the years. Here's a small portion;

quote:
Microsoft have to realize that the current tight integration of innocent browser-level functionality cannot peacefully coexist with the application-level functionality (such as executing commands & reading files) that local zones expose. The Internet Zone & Local Zones should not both be exposed through Internet Explorer. In fact, I would recommend that Local Zones should be severely crippled in the short term, & completely removed in the long term. Everything that application-level Local Zone documents & help files require can already be accomplished through the use of HTML Applications - which have already existed for years as well.

Would you like to know more? It's a pretty interesting read if you're into this sorta thing. On a related note I'll have a decent update for the Internet Explorer section of our Securing Windows guide soon enough.

No tags on this story

Next Article: Nvidia sees revenue up, NV35 next week

TechSpot on:

Most Popular

Trending

Featured

Featured on Laptops

Downloads and Drivers

Downloads

Drivers

IObit Malware Fighter 2.0

Instantbird 1.4

BitTorrent Sync 1.0.134

Spybot - Search & Destroy 2.1.19

Google Chrome for Windows 27.0.1453.93

More Downloads

Latest Discussion

How do I begin to build a custom computer? 13 replies on Other Hardware

Keyboard/Mouse Problems 5 replies on Other Hardware

How did my Windows key become disabled? 9 replies on Other Hardware

Facebook won't load 6 replies on Storage and Networking

For LinkedKube :) 16 replies on Overclocking, Cooling and Modding

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.

TechSpot

Welcome to TechSpot

Home › News › Industry News

codeBase vulnerability notes

Next Article: Nvidia sees revenue up, NV35 next week

Post a new comment

TechSpot on:

Most Popular

Building a Thin Mini-ITX PC: Small and Silent Performance

Metro: Last Light Tested, Benchmarked

Microsoft officially announces Xbox One: here's what we know so far

'Supercapacitor' could fully charge your phone in less than 30 seconds

Bill Gates is once again the richest person in the world

Metro: Last Light Performance, Benchmarked

Building a Thin Mini-ITX PC: Small and Silent Performance

Metro: Last Light Review

Gigabyte U2442F Ultrabook Review

8 Free to Play Games That Are Too Good to Be True

Featured on Laptops

77 Lenovo ThinkPad X1 Carbon Touch

79 Lenovo IdeaPad Yoga 13

75 Asus VivoBook S400CA

89 Apple MacBook Pro 15" Retina - Summer 2012

85 Apple MacBook Air 13.3 inch - Summer 2012

Downloads and Drivers

Latest Discussion

Subscribe to TechSpot

Featured Tech Content - Inside TechSpot

	Social Login & Guest Posting Post as anonymous user			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.