IE Leaks Like a Sieve
An MS press release and public lynching (from Internetnews.com) --
In a lively online discussion Thursday, Microsoft engineers faced off with end users who lobbed irate questions, comments and a few tirades about its Internet Explorer browser.
More than any topic, security reigned as the most pervasive theme during the online discussion, including when end users could see the next patch for vulnerabilities in IE.
IE staffers said the XP SP2 service pack is currently available for download as release candidate 2. That means it's not completed, final or stable yet, and that the final stable SP2 is coming soon. The browser's ActiveX scripting vulnerabilities have been faulted in several recent high-profile attacks that hit Web sites running Microsoft IIS 5.0 servers.
Here's the Kicker: Within hours of Microsoft releasing its patch last week to plug a hole in its IE browser, a Dutch security expert posted code on his site that revealed the patch still leaks.
In a lively online discussion Thursday, Microsoft engineers faced off with end users who lobbed irate questions, comments and a few tirades about its Internet Explorer browser.
More than any topic, security reigned as the most pervasive theme during the online discussion, including when end users could see the next patch for vulnerabilities in IE.
IE staffers said the XP SP2 service pack is currently available for download as release candidate 2. That means it's not completed, final or stable yet, and that the final stable SP2 is coming soon. The browser's ActiveX scripting vulnerabilities have been faulted in several recent high-profile attacks that hit Web sites running Microsoft IIS 5.0 servers.
Here's the Kicker: Within hours of Microsoft releasing its patch last week to plug a hole in its IE browser, a Dutch security expert posted code on his site that revealed the patch still leaks.
0 Comments:
Post a Comment
<< Home