Open Source Firm Releases Patch for IE Bug [UPDATED]

An anonymous reader writes "An open source and freeware software development web site has released a patch to fix the URL spoofing vulnerability in Internet Explorer, which can be exploited by scammers who try to trick people into revealing details of online banking accounts or other private information." Naturally, the source for the patch is available as well. Update: 12/19 15:06 GMT by M : Sadly, the patch appears to contain a buffer overflow and some possibly-malicious code - see an analysis and news story, and this comment which suggests the patch author is trying to figure out who is taking advantage of the original vulnerability. Caveat patcher.

Re:DMCA violator

[pvt_medic]

Now at first that is what I was thinking when I saw teh article. Clear case of microsoft embarrassment and microsofts reaction would clearly be one of litigation (now of course, it still is likely to do that) but is that the best thing for microsoft. One of the reasons other systems have such good security is because they have a consortium of people and organizations working on them. If microsoft took this approach they could move to be a more secure environment (they still be evil)

My 2 cents worth

Re:And if it were MS code

[Dwonis]

It is not open source:

// By using this source code, you agree to the
// following terms:
//
// 1) You may use the source code, resource
// files for educational purposes only.
// 2) You MAY NOT redistribute this source code
// without written permission. Failure to do
// so is a violation of copyright laws.
// 3) The author of this code may have retained
// certain "additional copyright rights".
// If so, this is indicated in the author's
// description.