Top White Papers
CNET News.com: IE security hole could put surfers at riskAug 25, 1999, 16:02 (5 Talkback[s])
(Other stories by Erich Luening)
"A new security hole in Microsoft's Internet Explorer 5.0 could allow random programs to execute on a user's computer and could also expose those machines to malicious hackers, Microsoft has confirmed.
The security hole is in the company's popular Web browser on Windows 95/98 and allows the execution of arbitrary programs on computers when users visit a Web page or receive Outlook email. It does so by creating, overwriting, and putting content in local files.
The problem may take 'full control over the user's computer,' according to Georgi Guninski, a Bulgarian programmer who discovered the problem over the weekend. Guninski has reported a number of bugs from various browser makers in the past."
"The security hole is related to an ActiveX control that ships with IE5. ...an HTML application file may be created, implanted with information that can exploit files, and written to the StartUp folder... The next time the user reboots, the code in the HTML application file will be executed. This vulnerability can be exploited via email as well..."
0 Talkback[s] (click to add your comment)