"Extremely Critical" Vulnerability in Internet Explorer 6.0 With XP Security Pack 2 Demonstrated
Internet Explorer Command Execution Vulnerability Test Available From Yesterday
Jan. 8, 2005 12:00 AM
For users running Internet Explorer 6 with Windows XP SP2 installed, the Danish-based security firm Secunia yesterday published a demonstration of the vulnerability. The vulnerabilities can be exploited by malicious people to compromise a user's system, conduct cross-site/zone scripting and bypass a security feature in Microsoft Windows XP SP2. It rates the problem "extremely critical."
The demonstration is here.
Secunia's proposed solution is uncompromising: "Use another product."
Alternative workarounds, it adds, include disabling the "Drag and drop or copy and paste files" option and setting the security level to high for the "Internet" zone.
Reader Feedback: Page 1 of 1
Intrepid commented on 12 Jan 2005
If Windows is to be hacker-proof, us the customers might just have to make a few sacrifices, like the elimination of backwards-compatibility, web sites should have fewer features, the interface should be LESS user friendly, etc.
Kinda like gravity: It makes planes crash AND it lets us be able to walk and live normal life without floating.
All the More Reason commented on 10 Jan 2005
Why pay for an operating system if it's buggy, and they do the bug testing on you for free? We hear about these vulnerabilities almost daily - there are better alternatives: linux, macOS, anything but microsoft folks!
aixou commented on 9 Jan 2005
I believe there are now exploits in the wild, or exploits poised to get out in the wild -- which is why the rating was increased.
Having a vulnerability is like having a broken lock on a window. An exploit of that vulnerability is a burgular who is going around your neighborhood using windows as the entry point. In my opinion, exploits are a more serious concern than the vulnerability itself and warrant the increased amount of news on the topic.
Microsoft gets Softer commented on 8 Jan 2005
Hold on. Isn't this the same issue they found a couple of months back, that the "experts" said WOULDN'T be exploitable? What just happened??
eek commented on 8 Jan 2005
///Secunia's proposed solution is uncompromising: "Use another product."///
Wow - they don't mince words in Denmark. This is a well-respected, neutral company, saying "drop XP with SP2." Poor old Microsoft, not a happy day for them.
Subscribe to the World's Most Powerful Newsletters
Widespread fragmentation is stalling the growth of the IIoT and making it difficult for partners to ...
Mar. 24, 2018 08:15 AM EDT Reads: 4,500
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting ch...
Mar. 23, 2018 10:45 PM EDT Reads: 1,303
The standardization of container runtimes and images has sparked the creation of an almost overwhelm...
Mar. 23, 2018 08:00 PM EDT Reads: 1,959
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As au...
Mar. 23, 2018 07:15 PM EDT Reads: 1,614
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
Mar. 23, 2018 02:00 PM EDT Reads: 4,508
Cloud Expo | DXWorld Expo have announced the conference tracks for Cloud Expo 2018. Cloud Expo will ...
Mar. 23, 2018 12:30 PM EDT Reads: 7,149
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
Mar. 23, 2018 12:30 PM EDT Reads: 6,032
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing w...
Mar. 23, 2018 11:45 AM EDT Reads: 2,355
@DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novem...
Mar. 23, 2018 11:15 AM EDT Reads: 1,596
The dynamic nature of the cloud means that change is a constant when it comes to modern cloud-based ...
Mar. 23, 2018 09:30 AM EDT Reads: 3,623
DXWorldEXPO LLC announced today that Dez Blanchfield joined the faculty of CloudEXPO's "10-Year Anni...
Mar. 23, 2018 09:15 AM EDT Reads: 1,400
With 10 simultaneous tracks, keynotes, general sessions and targeted breakout classes, @CloudEXPO an...
Mar. 22, 2018 01:30 PM EDT Reads: 1,982
"We started a Master of Science in business analytics - that's the hot topic. We serve the business ...
Mar. 22, 2018 07:30 AM EDT Reads: 3,838
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news an...
Mar. 21, 2018 02:30 PM EDT Reads: 2,019
As you move to the cloud, your network should be efficient, secure, and easy to manage. An enterpris...
Mar. 21, 2018 12:00 PM EDT Reads: 3,261
There is a huge demand for responsive, real-time mobile and web experiences, but current architectur...
Mar. 21, 2018 02:15 AM EDT Reads: 3,536
DXWorldEXPO LLC announced today that "Miami Blockchain Event by FinTechEXPO" has announced that its ...
Mar. 20, 2018 12:30 PM EDT Reads: 2,756
"NetApp is known as a data management leader but we do a lot more than just data management on-prem ...
Mar. 19, 2018 04:00 PM EDT Reads: 3,586
We call it DevOps but much of the time there’s a lot more discussion about the needs and concerns of...
Mar. 18, 2018 09:30 PM EDT Reads: 8,032
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they respon...
Mar. 17, 2018 04:00 PM EDT Reads: 3,853