Results 1 to 5 of 5

Thread: New MSIE security hole?

  1. #1
    Senior Member
    Join Date
    Feb 2003

    New MSIE security hole?

    I received an email today, the subject of which may interest some of you. I've read the report on the URL listed in his email, and the security "hole" seems to be valid, though I don't know if any other code on the page would actually run other than the code he used to produce the "hole" itself. Have a look...


    NEW security hole / exploit in IE6 with SP2 and all the latest security patches that can be abused by hackers to run harmful JavaScript code and can be abused to mislead existing protection against harmful JavaScript code.

    All the information about the new bug can be seen here: http://research.seniorennet.be/Techr...t_explorer.php

    The bug is reported to Microsoft.

  2. #2
    Senior Member
    Join Date
    May 2003
    bad link.
    Everyone is going to die, I am just as good of a reason as any.


  3. #3
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Redondo Beach, CA
    Try this instead. The long URL is being affected by a BR tag and a spacing UNICODE.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  4. #4
    Senior Member
    Join Date
    Nov 2001
    i can see where this could affect those who depend on av/anti-spyware programs to protect them from malicious web sites instead of keeping their browser up to date on patches. but other than that it's pretty cool.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    Senior Member
    Join Date
    Dec 2004
    Just another reason to switch to firefox but then again, I am probably beating a dead horse I know that firefox has it's vulns and all, but I really believe that it is superior, but then again I am not trying to start one of those 'Open source RULES!!! M$ SUX' things so please don't take it that way. I know that new firefox vulns are being discovered every day, but so are MSIE vulns. To me it is a comparison of the rate at which they are being discovered, and since firefox is relatively new (It is only a matter of time though) it has less vulns. But I am off on a tangent. (Sorry)

    I think that this probelm, unfortunatley, seems to be a just a symptom rather than the cause. The fact that IE 'forgets' the actual code and only remembers the HTML is kind of disturbing to me. It seems to me that this is a problem in the way that MSIE (at a low level) handles Java script. I hope (and trust) that Microsoft will fix the cause rather than the symptom.
    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts