Highly Critical Hole Found in IE
dotpavan writes "Eweek reports on a highly critical MS Internet Explorer hole found by Secunia Research's Andreas Sandblad. The vulnerability is due to the processing of the "createTextRange()" method call applied on a radio button control.
From Secunia, "The vulnerability has been confirmed on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2." The vulnerability has also been confirmed in Internet Explorer 7 Beta 2 Preview (January edition) though it could be avoided by turning off Active Scripting, as suggested by Microsoft Security Response Center blog. How would this put MS in the market, hit by the ever-growing shots of vulnerabilties? And would the divorce of IE7 from Vista's Windows Explorer help?"
here
Must be thursday.
...if researchers just identified the bits that *weren't* totally insecure?
It's a brand new hole!
--
Superb hosting 20GB Storage, 1_TB_ bandwidth, ssh, $7.95
TFA: Microsoft plans to release a pre-patch advisory with workarounds for a "highly critical" vulnerability that could put millions of Internet Explorer users at the mercy of malicious hackers
So this article updates us to the fact that they plan to update us with an article prior to the update?
Slashdot Burying Stories About Slashdot Media Owned
It could've been a very cynical hole in IE concerning when Windows Vista will finally be released.
here.
IE user, your house is on fire. Run for the hills! Go! Go!
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
Here. Guaranteed not to be exploited by any javascript or plugin vulnerability. Or by any site that uses frames.
shall be named "alimony"!
DEAD DEAD DEAD DELETE ME