ITinfo: Microsoft Security Hole via Web and Email

Site Directory
Membership
Train-the-Trainer
Trainer Certification
Certified Training Materials
ITinfo E-zine
Responsible Training
White Papers
Trainer Resources
What's New
Speaking Engagements
Onsite Training
ITrain Gear

Internet Explorer Shot Again

Another security hole found in MS browser

ITinfo Sponsor

ERROR: Random File Unopenable

The random file, as specified in the $random_file perl variable was unopenable.

The file was not found on your file system. This means that it has either not been created or the path you have specified in $trrandom_file is incorrect.

Microsoft Security Hole via Web and Email

by Dave Murphy
ISSN 1535-3613

Microsoft confirms that IE (Internet Explorer) is vulnerable to attacks from net crackers and other ne'er-do-wells.

Georgi Guninski, a JavaScript bug hunting champion, found the security hole and recommends disabling Active Scripting in IE. I agree. Until a fix is posted by Microsoft, access can be granted to files on web surfers' hard drives from malicious code posted to a website or included in the body of an HTML email message.

The problem is found in IE's search command, NavigateAndFind, which commands the browser to find a webpage and highlight a portion of text.

Call for Comments

What do you think? Leave your comments on the message center.

References

Microsoft
Message Center

Previous issues are on our website at http://itrain.org/itinfo/.

International Association of Information Technology Trainers
PMB 616
6030-M Marshalee Dr
Elkridge, MD 21075-5987

410.567.5366
1.888.290.6200
fax: 801.650.0423
Membership Director: member@itrain.org

Return to ITrain Homepage

http://itrain.org/itinfo/1999/it991223.html
updated December 23, 1999