Christopher Cashell (topher) wrote,
Christopher Cashell

  • Mood:

Serious Internet Explorer (and Outlook) Security Bug.

There's a major security problem with Internet Explorer 5.01 and 5.5. Here's the initial write up I saw:
Visit an attacker's webpage using Microsoft's browser on Microsoft's operating system, and the attacker can execute arbitrary code on your system with your full privileges. Oh, and thanks to Microsoft innovation - you may remember this from the trial - the browser is integrated with the OS, so reading e-mail from an attacker (opening attachments not necessary) also gives them full access to your machine. MSIE 5.5 is vulnerable, and MSIE 5.01 is vulnerable unless you've installed Internet Explorer 5.01 Service Pack 2.

You can get full details from Microsoft, as well as a patch to fix this, here.

Basically, if you have Internet Explorer 5.01 or 5.5 installed, you need to do this as soon as possible, or risk nasty problems.

Thanks to Slashdot for the posting and to Kriptopolis for discovering this bug.
  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded