Dangerous vulnerability still exists in IE, security expert warns.

Discussion in 'other security issues & news' started by the mul, Jul 7, 2004.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Joined:
    Jul 31, 2003
    Posts:
    1,703
    Location:
    scotland
    Microsoft Patch Leaves Holes Open

    Dangerous vulnerability still exists in IE, security expert warns.

    Wilbert de Vries and Paul Roberts, WebWereld Netherlands
    Tuesday, July 06, 2004
    Microsoft's effort last week to fix a vulnerability in the Internet Explorer Web browser and end the latest series of Internet attacks doesn't address another closely related and dangerous vulnerability, according to a security specialist.

    Dutch security expert Jelmer Kuperus published code on the Web last week that he says can be used to break into fully patched Windows systems using a slightly modified version of an attack called Download.Ject that Microsoft patched last week. The new attack targets a hole in a different Windows component than the one addressed by Microsoft's software patch. Using a similar attack, malicious hackers could break into even patched Windows machines, Kuperus says

    http://www.pcworld.com/news/article/0,aid,116796,tk,dn070604X,00.asp


    The MUL
     
  2. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Isn't that at least the second time a M$ patch has failed to correct a vulnerability? Or has my memory failed me?

    Btw, when was the last time I didn't hear news about IE's insecurity?
     
  3. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Microsoft by itself claimed that the patch of last week would not remove the vulnerability, it would only close one gap. I suppose next week (2nd tuesday) we'll see more updates.

    Strange, though, that plugging a hole would require so many days before it gets plugged, but that's an other matter.
     
  4. nadirah

    nadirah Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    3,647
    Nah, it's useless, don't tell me hackers keep on exploiting flaws and holes in IE everyday, and microsoft works like hell just to issue patches non-stop, is this gonna go on forever? It's D-DAY for IE. Microsoft should give up their hopes on IE. IE is getting from bad to extremely disgusting.
     
Loading...
Thread Status:
Not open for further replies.