[Previous entry: "The GPL is science"] [Next entry: "Doc Searls, and his son, on WiFi Everywhere"]
06/10/2004: "Day one vulnerability in IE"
Will someone please explain why this POS is still in-use anywhere?
Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone's hard disk without their knowledge, through a single click.
Worse, the holes have been discovered from analysis of an existing link on the Internet and a fully functional demonstration of the exploit have been produced and been shown to affect even fully patched versions of Explorer.
It has been rated "extremely critical" by security company Secunia, and the only advice is to disable Active Scripting support for all but trusted websites.
link
