Unpathced IE flaw (Open for 6 Months)

netfreak

Regulars
Messages
2,147
Microsoft Security Advisory (911302)
Vulnerability in the way Internet Explorer Handles onLoad Events Could Allow Remote Code Execution
Published: November 21, 2005

Microsoft is investigating new public reports of vulnerability in Microsoft Internet Explorer on Microsoft Windows 98, on Windows 98 Second Edition, on Windows Millennium Edition, on Windows 2000 Service Pack 4, and on Windows XP Service Pack 2. Customers who are running Windows Server 2003 and Windows Server 2003 Service Pack 1 in their default configurations, with the Enhanced Security Configuration turned on, are not affected. We have also been made aware of proof of concept code targeting the reported vulnerability but are not aware of any customer impact at this time. We will continue to investigate these public reports.

http://www.microsoft.com/technet/security/...ory/911302.mspx
 

max

Regulars
Messages
2,766
cool. More holes in dear ol' Internet Exploder :). Why dont they just give out the "Enhanced Security" configuration to everyone? It is seriously handicapped but atleast it wont Explode in the user's face! :confused:
 

Top