Slashdot Mirror

← Back to Stories (view on slashdot.org)

Several Critical MSIE Flaws Uncovered

Posted by Zonk on from the it's-not-all-roses dept.

An anonymous reader writes "Several flaws have been uncovered by security firm eEye in Microsoft's Internet Explorer. The flaws allow remote compromise of computers running Windows Operating Systems and affect IE, Outlook and possibly other MS software. With the next MS Windows security bulletin release scheduled for June 14, 2005 news sources are reporting that in comparison with the Mozilla Foundation's prompt fix for the recently reported Mozilla 1.0.3 vulnerabilities MS appear to be leaving a large window for the possible malicious exploitation of these flaws."

5 of 388 comments (clear)

  1. Great.. by Marble68 · · Score: 4, Informative

    I'm stuck with an internal deveopment team making web apps (in .Net) that require IE.. And a bunch of users who will click on anything. Although exploits were found in Firefox, they were patched rapidly. It's not standard on all our desktops. I wish there was a "corporate" browser with minimal features to reduce exposure. Sort of like IE lite.

    --
    /me sips his coffee and ponders a new sig...
  2. Re:Poor choice of slogan by dark-br · · Score: 4, Informative

    Marge: [on radio] Husband on murderous rampage. Send help. Over.
    Chief Wiggum: Whew, thank God that's over. I was worried for a little bit.

    Ok, now where is mar karma? ;)

    Other Winggum quotes here.

  3. Not just one! by vmp17 · · Score: 4, Informative

    Although eEyes' reports look a bit confusing (look at the "Vulerability is over" image at the bottom), I think according to this page http://www.eeye.com/html/research/upcoming/index.h tml there are 3 security vulnerabilities affecting IE and Outlook that allow remote code execution.
    The oldest one is 60 days old now and still not fixed.

  4. Re:IE7 by Aadain2001 · · Score: 4, Informative

    Just FYI: IE only starts faster because MS preloads it into memory at startup. To compare FF to IE on (more)equal footing, start FF and then try to open a new window. This is closer to how IE works on Windows.

    --
    Space for rent, inquire within
  5. Re:admin privilege req'd by man_of_mr_e · · Score: 4, Informative

    I've never had a problem with Publisher 2003 needing systemroot access. If you're running older versions, you don't need to give them root access. All you need to do is give them write permission to the directory without replacing the permissions on the files within, that way nothing alter existing files. There's nothing special about systemroot other than it's a place many system files are stored.. let the user create new files there isn't going to comprimise security any more than letting them create new files somewhere else.

    --
    If you need web hosting, you could do worse than here