Details here: http://www.microsoft.com/technet/security/bulletin/ms08-apr.mspx The Cumulative Security Update for Internet Explorer is also available - details here: http://www.microsoft.com/technet/security/Bulletin/MS08-024.mspx Note that this month's cumulative update includes the IE Automatic...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
04-09-2008
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
Microsoft is investigating new public reports of a vulnerability in the way Windows resolves hostnames that do not include a fully-qualified domain name (FQDN). The technology that the vulnerability affects is Web Proxy Auto-Discovery (WPAD). Microsoft has not received any information to indicate that...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
12-04-2007
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
The IE team have blogged about the release of a new version of the SiteLock Template for ActiveX Controls . I can't stress strongly enough how important it is that developers place security first when developing controls. Over the years there have been numerous instances where ActiveX controls have...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
09-19-2007
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
This critical security update resolves three privately reported vulnerabilities. These vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer user rights on the system could be less impacted...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
08-17-2007
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
This security update resolves a privately reported vulnerability in the Vector Markup Language (VML) implementation in Windows. The vulnerability could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. Users whose accounts are configured to have fewer...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
08-17-2007
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
MS07-045 - Cumulative Security Update for Internet Explorer (937143) CSS Memory Corruption Vulnerability - CVE-2007-0943 - Internet Explorer 5.01 on Windows 2000 A remote code execution vulnerability exists in the way Internet Explorer parses certain strings in CSS. An attacker could exploit the vulnerability...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
08-15-2007
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
The IE Cumulative Security Update for August 2007 is now available via Windows, Microsoft and Automatic Update. Information about the cumulative update can be found here: http://www.microsoft.com/technet/security/Bulletin/ms07-027.mspx The update fixes three remote code execution vulnerabilities and...
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
08-15-2007
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits
12 patches, including a critical patch for Internet Explorer: http://www.microsoft.com/technet/security/bulletin/ms08-feb.mspx
Posted to
Spyware Sucks
(Weblog)
by
sandi
on
02-09-2008
Filed under: Internet Explorer 7, Internet Explorer, Vulnerabilities, Security, safety and privacy on the Internet, viruses and exploits