Feeds

Microsoft plugs new Internet Explorer security leak

Stops sneaky Webmasters snooping your hard disk

  • alert
  • submit to reddit

Remote control for virtualized desktops

Microsoft has released a patch for Internet Explorer 4 which is designed to seal a security breach that could allow unscrupulous Web site hosts and hackers to read files on a user's hard drive. The so-called Cross-frame Navigate bug effectively allows developers to code pages that will display files on the user's computer. The developer must, however, know the name of the files he or she is seeking. The bug was originally detected by Bulgarian user Georgi Guninski. All versions of Internet Explorer 3 and 4 are vulnerable to the bug, including Windows 95/98/NT and Macintosh platform. However, the patch is only available for IE 4 -- users of version 3 will need to upgrade. Microsoft said the bug also affects software that interprets HTML code through the IE engine, such as AOL. The patches are available from Microsoft's IE Web site. ®

Choosing a cloud hosting partner with confidence

More from The Register

next story
MI6 oversight report on Lee Rigby murder: US web giants offer 'safe haven for TERRORISM'
PM urged to 'prioritise issue' after Facebook hindsight find
I'll be back (and forward): Hollywood's time travel tribulations
Quick, call the Time Cops to sort out this paradox!
Assange™ slumps back on Ecuador's sofa after detention appeal binned
Swedish court rules there's 'great risk' WikiLeaker will dodge prosecution
NSA mass spying reform KILLED by US Senators
Democrats needed just TWO more votes to keep alive bill reining in some surveillance
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.