Microsoft Ups IE Flaw to 'Critical'

By Phantasm66
Dec 9, 2002
  1. Have you seen that Internet Explorer cumulative patch offering itself to you recently? Maybe you had better think about taking it: Microsoft in their infinite wisdom have upped the security flaws that the patch addresses to "Critical" level.

    "The patch, released last Wednesday, fixes a vulnerability in IE 5.5 and 6.0 in the browser's cross-domain security model. The software performs incomplete security checks when certain object caching techniques are used in Web pages.....

    ....Microsoft's original bulletin said that an attacker could not use the flaw to run code on a user's machine, and the vulnerability was rated "moderate." However, a Danish security expert, well-known for finding vulnerabilities in IE, disputed this claim, saying that the flaw could be used to execute code on vulnerable machines....

    ...As a result, the company upgraded the severity of the vulnerability to "critical," the most severe rating...."

    More here.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...