News

Security Firm Finds 9 IE Flaws

An Israeli security firm, GreyMagic Software, documented nine new vulnerabilities in recent versions of Internet Explorer, eight of which the firm calls "critical."

The firm publicly released information on the vulnerabilities at the same time as it notified Microsoft, an approach the software giant has complained vigorously about in the past. Microsoft is evaluating the laundry list of flaws to determine if it needs to release a patch.

The vulnerabilities affect Internet Explorer 5.5 and Internet Explorer 6. Two of the vulnerabilities can be exploited even when a user had installed the first service pack for Internet Explorer 6.0.

All the exploits involve object caching, which takes place when the attacker opens a window to a page on his own page but changes the URL to the victim's page. GreyMagic recommends turning off Active Scripting until a patch becomes available.

More detail on the vulnerabilities is available here.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • FTC Expands Microsoft Antitrust Investigation Under Trump Administration

    The Federal Trade Commission (FTC) is pressing ahead with a broad investigation into Microsoft's business practices, an inquiry that began in the final weeks of the Biden administration.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Microsoft to Shut Down Skype Services

    Microsoft will discontinue its Skype telecommunications and video calling services on May 5, 2025, marking the end of the platform's decades-long run.

  • Big Blue To Acquire Datastax in Enterprise AI Play

    In a bid to bolster its enterprise-aimed AI capabilities, IBM is planning to acquire Datastax, a leading AI and data solutions provider, for an undisclosed amount.

Most   Popular