Two New IE Vulnerabilities Surface

  • By stp
  • Published 19 years ago
6 Comments

While this week's headlines have thus far been dominated by news of renewed Web browser development, bug hunters at Secunia have shifted attention back toward the browser's darker side: A seemingly endless stream of security vulnerabilities. Secunia has issued a "moderately critical" advisory for Microsoft Internet Explorer.

The exploit bypasses a security feature in the Windows XP SP2 edition of the software that notifies users when they are opening certain file types, making way for malicious downloads. "Hide extension for known file types" must be enabled in order for the exploit to occur, and is the default setting.

A second vulnerability in the "execCommand()" JavaScript function allows malicious Web sites to lure users into downloading a file masquerading as an HTML document through IE's "Save as HTML Document" feature.

Secunia recommends disabling Active Scripting support and the "Hide extension for known file types" option.

6 Comments

6 Responses to Two New IE Vulnerabilities Surface

Got News? Contact Us

Recent Headlines

TEAMGROUP unveils MP44Q M.2 PCIe 4.0 SSD

Cyberwarfare incidents reported by almost half of UK firms

Ransomware, meet DRaaS: The future of disaster mitigation

Get 'Modern DevOps Practices -- Second Edition' (worth $39.99) for FREE

Number of ransomware victims up 20 percent in first quarter of 2024

Low-code tools boost developer productivity

Cisco warns of serious CLI command injection vulnerability in its Integrated Management Controller

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.0 'pl'

60 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Outrageous: Microsoft to charge $61 for Windows 10 updates -- consider switching to Linux!

17 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

16 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

16 Comments

Easter giveaway! Get a licensed copy of 'VideoProc Converter for Windows/Mac' (worth $78.90) for FREE

10 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Install the KB5035942 update for Windows 11 to gain all of the Moment 5 features right now

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.