Open Tech Support
Open Tech Support Archives
Back to HomeCommunityReviewsGuidesDownloadsTech LinksMarketplaceContact Us
 »  SITE NAVIGATION
»  OTS Home
»  OTS Forums
»  OTS Archives

»  About our site
»  Search our site
»  Support our site

»  What is this site?
»  Who are we?
 
 
 »  ADVERTISMENT
 
  Pages: 1

MS Internet Explorer Critical Update

 (Click here to view the original thread with full colors/images)

Posted by: TotalRecall

Microsoft released an important patch for Internet Explorer versions 5.01, 5.5, and 6.0 that fixes 6 vulnerabilities. The most serious fix addresses this issue:

A cross-site scripting vulnerability in a Local HTML Resource. IE ships with several files that contain HTML on the local file system to provide functionality. One of these files contains a cross-site scripting vulnerability that could allow a script to execute as if it were run by the user herself, causing it to run in the local computer zone. An attacker could craft a web page with a URL that exploits this vulnerability and then either host that page on a web server or send it as HTML email. When the web page was viewed and the user clicked on the URL link, the attacker's script injected into the local resource, the attacker's script would run in the Local Computer zone, allowing it to run with fewer restrictions than it would otherwise have.

More information on the problems here, and downloads are available here. Microsoft has ranked this patch as critical, and suggests the update is applied immediately.


Posted by: Tweaker

Thanks for the heads-up TR.


 
Copyright 2000-2008 Open Tech Support. All Rights Reserved. Site Design and Development by Tolitz Rosel.