March 30th, 2001

Danger Mouse

Serious Internet Explorer (and Outlook) Security Bug.

There's a major security problem with Internet Explorer 5.01 and 5.5. Here's the initial write up I saw:
Visit an attacker's webpage using Microsoft's browser on Microsoft's operating system, and the attacker can execute arbitrary code on your system with your full privileges. Oh, and thanks to Microsoft innovation - you may remember this from the trial - the browser is integrated with the OS, so reading e-mail from an attacker (opening attachments not necessary) also gives them full access to your machine. MSIE 5.5 is vulnerable, and MSIE 5.01 is vulnerable unless you've installed Internet Explorer 5.01 Service Pack 2.

You can get full details from Microsoft, as well as a patch to fix this, here.

Basically, if you have Internet Explorer 5.01 or 5.5 installed, you need to do this as soon as possible, or risk nasty problems.

Thanks to Slashdot for the posting and to Kriptopolis for discovering this bug.
  • Current Mood
    unsurprised
Lord Yupa

PostgreSQL 7.1 RC1 released!

Ooooh! This is just so droolable. . . the first two things mentioned are enough to make me happy:
  • full support for outer joins

  • removal of the notorious 8k row length limit
  • Current Music
    Van Halen - Hot for Teacher