Microsoft patches IE, Windows.
Published:
24 November 1999 y., Wednesday
Microsoft is scrambling to fix numerous Internet security holes in both the Internet Explorer browser and the Windows operating system. Microsoft expects to release a patch Friday for a problem
with Windows 95 and 98 that could let a malicious Web site operator or sender of HTML email invade a visitor_s or recipient_s computer. In a buffer overrun situation, the attacker floods a field, in this case the address bar in the browser, with more characters than it can hold. Web addresses or local file
addresses that are too long for the address bar can cause Windows to crash and force the characters that didn_t fit into the URL entry field to go into memory, where they may be executed when the computer is restarted. The problem occurs in Windows_ networking software, and an exploit could work with any browser, Microsoft said. Microsoft also released a patch for a bug in the Internet Explorer browser, versions 4.0 and 5.0, that exposes computers to malicious code disguised as common file extensions with suffixes like ".jpg," ".mov" or ".txt" and that get emailed as attachments. The bug takes advantage of an ActiveX control that lets archive files known as "cabinet," or ".cab," files be launched and executed from the user_s machine. Microsoft credited Spanish bug hunter Juan Carlos Garcia Cuartango for discovering the bug, which he originally described as a flaw that made Microsoft_s email management program, Outlook, vulnerable to attack.
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
The iPhone's new “ATM Hunter” is a a free iPhone application built by MasterCard that allows users to quickly find the ATMs that are closest to them.
more »
In security breach cases last year, such as Hannaford Bros. supermarket and the card processing firm Heartland Payment Systems, cybercriminals gained access to millions of consumers' credit card details.
more »
Ingenico, a provider of payment solutions, says contactless technology will split the retail market this year, improving sales figures for early adopters and costing those who shun the additional investment in this burgeoning technology.
more »
Widevine Technologies today announced that the US Patent and Trademark Office has reconfirmed the validity of many claims of Widevine's U.S.
more »
Nokia Corp., the world's largest maker of cell phones, is making a large investment in California-based Obopay Inc., a startup that's pushing person-to-person mobile-payments technology.
more »
The increasing amount of overlap and duplication of data, tasks and processes in their anti-fraud and anti-money laundering divisions is driving banks to seek synergies between compliance, risk management and security, according to a new report from Datamonitor.
more »
The total number of IPTV subscribers worldwide passed the 20mn mark at the end of 2008, according to new figures from Informa Telecoms & Media, taking into account both disclosed and estimated figures.
more »
The IPTV World Forum opened its doors this morning on a bright London day, and the mood was equally optimistic indoors, with the conference rooms packed for keynote presentations from Christopher Schläffer of Deutsche Telekom, Christophe Forax from the European Commission and the BBC's Richard Halton, charged with making Project Canvas a reality.
more »
A new Gartner Inc. report suggests that financial fraud could drive consumers away from banks and into the arms of electronic payment systems, such as PayPal, that they perceive to be more secure.
more »
In the last year this more than doubles the number of cards and devices in circulation around the world.
more »