Browse by Tags

All Tags » Internet Explorer » Security, safety and privacy on the Internet (RSS)

ALERT: Out of band security patch to be released tomorrow, 17 December at 10.00am Pacific time

Announcement here: http://blogs.technet.com/msrc/archive/2008/12/16/advance-notification-for-december-2008-out-of-band-release.aspx The patch resolves the actively exploited vulnerability that has been in the press so much in recent days, and which is...

MS06-042 re-released

MS have re-released three versions of their August 2006 cumulative security update (MS06-042). to address the vulnerability that it introduced in IE 6.0 SP1, and the additional vulnerabilites discovered in IE5.01 (Wndows 2000), IE 6.0 SP1 (in a different...

Update on IE7 and MSN/Windows Live Toolbar's Phishing Filter statistics

Microsoft's Phishing Filter is proving to be quite a success, thanks not only to all of the IE7 and MSN/Windows Live Toolbar users who are actively reporting phishing sites, but also thanks to data sharing between MS and third party data sources. Recently...

MS06-042 has been re-released

The problematic MS06-042 update has been re-released: http://www.microsoft.com/technet/security/Bulletin/MS06-042.mspx Hotfix 923782 has been replaced by the new security update 918899.

Possible fixes for crashes caused by MS06-042 (KB918899)

Note: An new version of 918899 was planned for release by 22 August for **IE6 SP1** users. Unfortunately, an issue with the new version has forced the delay of the updated patch for a few days, but it has now been released. I am very grateful for, and...

Cumulative update for Internet Explorer released (MS06-042, KB918899)

Information here: http://support.microsoft.com/?kbid=918899 http://www.microsoft.com/technet/security/bulletin/ms06-042.mspx I note that Siebel will finally be releasing an update to address the changes forced to activex by the EOLAS suit during Spring...

Fix: Internet Explorer freezes when using the drop-down address bar list when the fix described in KB908531 is installed

Stephen *** has posted to ie6.browser newsgroup regarding a known problem with MS06-15 / KB908531 wherein Internet Explorer may free when you attempt to use the drop-down list in the Address Bar. MS have tracked down the cause of the problem, and it is wide spread enough to be deserving of publicity....

The eEye hack for the createTextRange vulnerability

Summary: My advice? Don't install it. (Please forgive any grammatical or logical flow errors - I'm running real short of time but wanted to get this live before starting my work day). Two MS security bloggers have mentioned the eEye "patch" that protects...

Confirmed: createTextRange vulnerability is being exploited

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JS%5FDLOADER%2EBXR&VSect=P I do note on the diagram that it stipulates that only the "January edition" of Internet Explorer 7 Beta 2 Preview is vulnerable. There has been a lot of confusion...

New publicly disclosed vulnerability in IE

The fact that it is publicly disclosed means that the bad guys *will* try to use it: http://blogs.technet.com/msrc/archive/2006/03/22/422849.aspx I know... telling people to only go to trusted sites is a tad unrealistic .. :o( I note the blog mentions...

Updated: Activex update 912945 to be deployed maybe during April

Edit: Ok, so maybe it won't be 11 April, but the Activex update *will* be included in the next available Internet Explorer security update. The blog entry still says 11 April ;o) http://blogs.technet.com/upstate-ny-technology/archive/2006/03/20/422522...

TrendMicro Antispyware for the Web causing issues again - this time nuking the Windows Genuine Validation Tool

Important Update: http://msmvps.com/blogs/spywaresucks/archive/2006/03/15/86345.aspx ------------------------------------------------------------------------------ This could prove to be a very serious problem. The Windows Genuine Advantage Validation...

Non-security update for Internet Explorer

Update: I'm seeing confusion about how/when the non-security update is being installed. The non-security update is NOT being downloaded and installed via Automatic Updates at this time. It is available via the Download Centre, and Windows Update (as an...

Y'know, I'm sure msnbc.co.uk was a legitimate MSN site..... once....

It sure as hell isn't a legitimate site anymore... please, don't go there unless you're using IE7, or a well patched IE6... better still... add www.msnbc.co.uk to your Restricted Sites zone before going anywhere near it (hyperlink neutralised). I don...

Patchou - still the bullshit continues...

Check out this thread: http://www.msghelp.net/showthread.php?tid=55990&page=1 It contains the most amazing bullshit... is it surprising that malware has such a hold when such justifications.... such bullshit... ok, I'm getting grumpy here.. hands...