Microsoft patches IE, Windows.
Published:
24 November 1999 y., Wednesday
Microsoft is scrambling to fix numerous Internet security holes in both the Internet Explorer browser and the Windows operating system. Microsoft expects to release a patch Friday for a problem
with Windows 95 and 98 that could let a malicious Web site operator or sender of HTML email invade a visitor_s or recipient_s computer. In a buffer overrun situation, the attacker floods a field, in this case the address bar in the browser, with more characters than it can hold. Web addresses or local file
addresses that are too long for the address bar can cause Windows to crash and force the characters that didn_t fit into the URL entry field to go into memory, where they may be executed when the computer is restarted. The problem occurs in Windows_ networking software, and an exploit could work with any browser, Microsoft said. Microsoft also released a patch for a bug in the Internet Explorer browser, versions 4.0 and 5.0, that exposes computers to malicious code disguised as common file extensions with suffixes like ".jpg," ".mov" or ".txt" and that get emailed as attachments. The bug takes advantage of an ActiveX control that lets archive files known as "cabinet," or ".cab," files be launched and executed from the user_s machine. Microsoft credited Spanish bug hunter Juan Carlos Garcia Cuartango for discovering the bug, which he originally described as a flaw that made Microsoft_s email management program, Outlook, vulnerable to attack.
Copying, publishing, announcing any information from the News.lt portal without written permission of News.lt editorial office is prohibited.
The most popular articles
Software company announced new structure_ of it_s business.
more »
Email churn surges into the tens of billions
more »
Experts say the Nimda virus spreads through e-mail, vulnerable servers, and the Internet via open network sharing features and altered Web pages.
more »
Hackers have begun attacking Web sites connected to Afghanistan's Taliban rulers and to other Islamic nations
more »
Corporate altruism is replacing shock as some tech companies offer free services and bandwidth to businesses affected by last week's attacks.
more »
In an apparent response to terrorist attacks on America, a notorious hacker known as "Fluffi Bunni" defaced potentially tens of thousands of high-profile Web sites, replacing their home pages with a rant about religion, capitalism, and violence.
more »
U.S. consumers are more likely to revisit Web sites that are fast loading, customizable and more informative than those that offer rich media or content delivery to wireless handsets, according to research by Jupiter Media Metrix.
more »
Entertainment industry lobbyists say programmers and open-source activists should not be alarmed by a controversial proposal to embed copy-protection controls in nearly all PCs and consumer electronic devices.
more »
Homegrown instant messaging start-up Odigo, Inc. has scored a lucrative deal to develop and power "MTV Messenger", a new IM communications tool for MTV-owned Web sites in Europe.
more »
search.lt presents newest links
more »
A South Korean Internet portal has filed a complaint with fair trade regulators, alleging Microsoft is shutting out competition by tying a range of application software into its new Windows operating system.
more »