Sun, Jun 27 2004 2:28
It's the home stretch for XP sp2 ......
"We're on the home stretch for Windows XP SP2! I can't begin to tell you what a relief it is to see it almost done." says Michael Howard on his blog. I agree. In looking over the Secunia advisories for Internet Explorer... IE is getting pretty nasty these days .....
The following are unpatched:
Secunia - Advisories - Internet Explorer File Download Error Message
Denial of Service Weakness:
Secunia - Advisories - Internet Explorer Security Zone Bypass and
Address Bar Spoofing Vulnerability:
Secunia - Advisories - Internet Explorer Local Resource Access and
Cross-Zone Scripting Vulnerabilities:
http://secunia.com/advisories/11793/ <<< this is the Russian IIS one
that is currently being exploited>>
Secunia - Advisories - Microsoft Internet Explorer and Outlook URL
Secunia - Advisories - Windows Explorer / Internet Explorer Long Share
Name Buffer Overflow:
Secunia - Advisories - Internet Explorer/Outlook Express Restricted Zone
Status Bar Spoofing:
.....you get the idea..... basically walk down the IE advisories and see which ones don't point to a security bulletin.....but even then, I think I'm going to keep running in high security. There's no reason that web sites should do “stuff” without my permission.
Remember the 10 laws of security? I'd say IE is letting rule number 2 to get broken.
Filed under: Security