Linux Today: Linux News On Internet Time.

CNET News: IE Fix Mends Flawed Open-Source Patch

Dec 23, 2003, 23:30 (2 Talkback[s])
(Other stories by Munir Kotadia)

"A Web site that published a third-party patch to fix a security hole in Microsoft's Internet Explorer has had to reissue the patch, after the original was found to be flawed.

"Openwares.org published the second patch Saturday, after the first was found to contain a buffer overflow exploit. This exploit, which allowed an attacker to take control of the patched PC, might have been far more damaging than the flaw the patch aimed to fix.

"According to Openwares, only about 6,500 people downloaded the original patch..."

Complete Story

Related Stories: