| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
One IE flaw leads to another | |
|
||
| Time: 00:01 EST/05:01 GMT | News Source: News.com | Posted By: Kenneth van Surksum | ||
|
As researchers pored over a vulnerability found within Microsoft's Internet Explorer less than a week ago, they discovered a totally new IE flaw. The new bug could be used to launch code execution attacks. Microsoft acknowledged that the vulnerability, found by Andreas Sandblad of Secunia, is not just a successful exploit of the flaw uncovered last week by Michal Zalewski. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 307 Last | Next |
The time now is
2:18:56 PM
ET.
Any comment problems? E-mail us |
| #1 By 15406 (216.191.227.68) at 5/3/2006 8:04:35 AM |
| And here I thought I was being funny when I said last week "I wonder if they'll be rocked by next week's hole." And here it is. |
| #2 By 32132 (142.32.208.232) at 5/3/2006 11:20:32 AM |
|
I also remember you saying the latest Firefox flaw didn't carry a risk of code execution.
Looks like you were wrong. Even eWeek admitted it. http://www.eweek.com/article2/0,1895,1956824,00.asp "A new version of the upstart Firefox Web browser has been released to patch a "critical" flaw that could lead to the execution of malicious code. According to Mozilla, Firefox 1.5.0.3 fixes a publicly reported denial-of-service bug that can theoretically lead to a more serious security issue. Mozilla described the flaw as crashes that were discovered to ultimately stem from the same root cause: attempting to use a deleted controller context when designMode was turned on. "This generally results in crashing the browser, but in theory references to deleted objects can be abused to run malicious code," the open-source group said in an advisory." |
| #3 By 32132 (142.32.208.232) at 5/3/2006 11:21:28 AM |
|
http://blog.eweek.com/blogs/larry%5Fseltzer/
"With the latest update to Firefox there have been 28 vulnerability advisories this year, 15 of them "Critical." That's in 122 days. Does anyone else think this is a fairly rapid pace? There were 56 advisories for Firefox in all of 2005 (16 of them "Critical"), or roughly one every 6.5 days. (The first one was in January, 2005, so I'll assume the whole year for this argument.) This year the incidence has gone up to roughly one every 4.4 days, and the number of Critical ones has skyrocketed." |
| #4 By 15406 (216.191.227.68) at 5/3/2006 11:46:10 AM |
| #2: Wrong again, Parkkker. You were the one saying that there was a code execution bug in Firefox, and I was pointing out that Symantec's advisory was wrapped in maybes so it wasn't conclusive. And that seems to be the same conclusion from eWeek and Mozilla -- that it might be possible. A rather large difference, but please don't stop revising history here. It's very entertaining. |
| #5 By 15406 (216.191.227.68) at 5/3/2006 11:50:16 AM |
| #3: What's rapid is the pace of own-your-box holes in IE. One per week these days. And besides, why are you quoting eWeek? You yourself have slagged them as OSS fanboys who have nothing to say. Why the sudden turnaround? |
| #6 By 32132 (142.32.208.232) at 5/3/2006 3:54:45 PM |
|
"why are you quoting eWeek?"
Because eWeek epitomizes the Firefox brown nosers. And if they can't keep quiet about Firefox flaws, they are even worse than I claim them to be! |
| #7 By 37 (24.183.100.179) at 5/3/2006 4:42:46 PM |
|
"#5 By Latch (549 Posts) at 5/3/2006 11:50:16 AM
#3: What's rapid is the pace of own-your-box holes in IE. One per week these days. " Well, 1 a week (or every 7 days) is by far better than one ever 4.4 days. Give me the more secure IE! |
| #8 By 15406 (216.191.227.68) at 5/4/2006 8:15:51 AM |
| #7: And you're welcome to it. I can hardly wait until next week's IE hole. Maybe that one will actually cause your computer to explode. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 307 Last | Next |
The time now is
2:18:56 PM
ET.
Any comment problems? E-mail us |
