Microsoft patches IE, Windows.
Published:
24 November 1999 y., Wednesday
Microsoft is scrambling to fix numerous Internet security holes in both the Internet Explorer browser and the Windows operating system. Microsoft expects to release a patch Friday for a problem
with Windows 95 and 98 that could let a malicious Web site operator or sender of HTML email invade a visitor_s or recipient_s computer. In a buffer overrun situation, the attacker floods a field, in this case the address bar in the browser, with more characters than it can hold. Web addresses or local file
addresses that are too long for the address bar can cause Windows to crash and force the characters that didn_t fit into the URL entry field to go into memory, where they may be executed when the computer is restarted. The problem occurs in Windows_ networking software, and an exploit could work with any browser, Microsoft said. Microsoft also released a patch for a bug in the Internet Explorer browser, versions 4.0 and 5.0, that exposes computers to malicious code disguised as common file extensions with suffixes like ".jpg," ".mov" or ".txt" and that get emailed as attachments. The bug takes advantage of an ActiveX control that lets archive files known as "cabinet," or ".cab," files be launched and executed from the user_s machine. Microsoft credited Spanish bug hunter Juan Carlos Garcia Cuartango for discovering the bug, which he originally described as a flaw that made Microsoft_s email management program, Outlook, vulnerable to attack.
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
If this week's border-transcending ruling by Germany's highest court proves anything, it's that an enormous distance remains between advocates of a free Internet and watchdogs against racism and hate-mongering.
more »
IBM Corporation announced Wednesday a new offering to deliver a range of business and technical services for the development of high-value corporate portals.
more »
A technique that exploits the way Web browsers store recently viewed data could compromise Internet users' privacy by allowing an attacker to check what sites a person has visited recently.
more »
Country music record company Fahrenheit Entertainment said it will begin selling copy-protected CDs by early next year using encryption technology from SunnComm, a little-known company based in Phoenix.
more »
Idea of "total war" redefined the conduct of armies against foreign populations in the mid-20th century.
more »
A Hong Kong-based company, I-Engine.com, has launched a wireless site development tool, I-WAP, that automatically builds and updates WAP sites.
more »
search.lt presents newest links
more »
If you're game for a challenge and desperate for money get hacking!
more »
Unlike Al Gore and George W Bush, St Chad's conduct during a disputed election helped him on his way to sainthood.
more »
Marked differences in the stages Europe's various national administrations have reached in moving towards e-government are highlighted in a new report from ICL.
more »