"Extremely Critical" Vulnerability in Internet Explorer 6.0 With XP Security Pack 2 Demonstrated
Internet Explorer Command Execution Vulnerability Test Available From Yesterday
Jan. 8, 2005 12:00 AM
For users running Internet Explorer 6 with Windows XP SP2 installed, the Danish-based security firm Secunia yesterday published a demonstration of the vulnerability. The vulnerabilities can be exploited by malicious people to compromise a user's system, conduct cross-site/zone scripting and bypass a security feature in Microsoft Windows XP SP2. It rates the problem "extremely critical."
The demonstration is here.
Secunia's proposed solution is uncompromising: "Use another product."
Alternative workarounds, it adds, include disabling the "Drag and drop or copy and paste files" option and setting the security level to high for the "Internet" zone.
Reader Feedback: Page 1 of 1
Intrepid commented on 12 Jan 2005
If Windows is to be hacker-proof, us the customers might just have to make a few sacrifices, like the elimination of backwards-compatibility, web sites should have fewer features, the interface should be LESS user friendly, etc.
Kinda like gravity: It makes planes crash AND it lets us be able to walk and live normal life without floating.
All the More Reason commented on 10 Jan 2005
Why pay for an operating system if it's buggy, and they do the bug testing on you for free? We hear about these vulnerabilities almost daily - there are better alternatives: linux, macOS, anything but microsoft folks!
aixou commented on 9 Jan 2005
I believe there are now exploits in the wild, or exploits poised to get out in the wild -- which is why the rating was increased.
Having a vulnerability is like having a broken lock on a window. An exploit of that vulnerability is a burgular who is going around your neighborhood using windows as the entry point. In my opinion, exploits are a more serious concern than the vulnerability itself and warrant the increased amount of news on the topic.
Microsoft gets Softer commented on 8 Jan 2005
Hold on. Isn't this the same issue they found a couple of months back, that the "experts" said WOULDN'T be exploitable? What just happened??
eek commented on 8 Jan 2005
///Secunia's proposed solution is uncompromising: "Use another product."///
Wow - they don't mince words in Denmark. This is a well-respected, neutral company, saying "drop XP with SP2." Poor old Microsoft, not a happy day for them.
Subscribe to the World's Most Powerful Newsletters
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud,...
Jun. 19, 2018 11:30 PM EDT Reads: 7,276
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple ...
Jun. 19, 2018 11:15 PM EDT Reads: 2,486
DXWorldEXPO LLC announced today that "IoT Now" was named media sponsor of CloudEXPO | DXWorldEXPO 20...
Jun. 19, 2018 10:30 PM EDT Reads: 2,665
Modern software design has fundamentally changed how we manage applications, causing many to turn to...
Jun. 19, 2018 06:45 PM EDT Reads: 4,335
In this presentation, you will learn first hand what works and what doesn't while architecting and d...
Jun. 19, 2018 06:15 PM EDT Reads: 2,138
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost...
Jun. 19, 2018 06:00 PM EDT Reads: 11,646
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discu...
Jun. 19, 2018 03:00 PM EDT Reads: 6,288
Everyone wants the rainbow - reduced IT costs, scalability, continuity, flexibility, manageability, ...
Jun. 19, 2018 02:45 PM EDT
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing w...
Jun. 19, 2018 02:45 PM EDT Reads: 5,264
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT...
Jun. 19, 2018 02:30 PM EDT Reads: 3,177
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held Novemb...
Jun. 19, 2018 02:00 PM EDT Reads: 2,639
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point wh...
Jun. 19, 2018 12:15 PM EDT Reads: 5,209
Dynatrace is an application performance management software company with products for the informatio...
Jun. 19, 2018 12:00 PM EDT
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 1...
Jun. 19, 2018 12:00 PM EDT Reads: 10,445
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018,...
Jun. 19, 2018 12:00 PM EDT Reads: 3,779
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, ...
Jun. 19, 2018 11:30 AM EDT Reads: 8,066
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22...
Jun. 19, 2018 11:30 AM EDT Reads: 3,006
Today, we have more data to manage than ever. We also have better algorithms that help us access our...
Jun. 19, 2018 11:00 AM EDT
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: D...
Jun. 19, 2018 10:00 AM EDT Reads: 1,508
A valuable conference experience generates new contacts, sales leads, potential strategic partners a...
Jun. 19, 2018 10:00 AM EDT Reads: 4,643