| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Microsoft Security Bulletin MS02-068: Cumulative Patch for Internet Explorer (324929) | |
|
||
| Time: 00:00 EST/05:00 GMT | News Source: ActiveWin.com | Posted By: Robert Stein | ||
|
This is a cumulative patch for Internet Explorer 5.5 and 6.0. In addition to including the functionality of all previously released patches for Internet Explorer 5.5 and 6.0, it also eliminates a newly discovered flaw in Internet Explorer's cross-domain security model. This flaw occurs because the security checks that Internet Explorer carries out when particular object caching techniques are used in web pages are incomplete. This could have the effect of allowing a website in one domain to access information in another, including the user’s local system. Exploiting the vulnerability could enable an attacker to read, but not change, any file on the user’s local computer. In addition, the attacker could invoke an executable that was already present on the local system. The attacker would need to know the exact location of the executable, and would not be able to pass parameters to it. Microsoft is not aware of any executable that ships by default as part of Windows and, when run without parameters, could be dangerous. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 305 Last | Next |
The time now is
5:34:53 PM
ET.
Any comment problems? E-mail us |
| #1 By 135 (209.180.28.6) at 12/5/2002 10:37:39 AM |
|
Microsoft: 68
Redhat: 157 It's looking as though Redhat has a very solid lead for 2002 in the issuance of security bulletins. |
| #2 By 135 (208.50.206.187) at 12/5/2002 9:33:08 PM |
| My Linux Security Scoring system was invoked by the meer mention of a Microsoft vulnerability. |
| #3 By 1845 (12.254.162.111) at 12/5/2002 10:06:19 PM |
| LSS - tee hee. That's worth a point from me for making me laugh, blue. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 305 Last | Next |
The time now is
5:34:53 PM
ET.
Any comment problems? E-mail us |
