Guninski finds another IE 5.5 security hole
Does this man do anything else?
We have a problem with IE security bugs - they all look the same to us. So thank goodness for George Guninski, who's found yet another security hole in Microsoft's IE5.
The problem affects IE 5.5 and Outlook and Outlook Express, and exploits the compressed help file (.chm) format.
Guninski has found a problem with the .chm format before. Last time Microsoft patched it by requiring that the help files run from the local file system. But the problem has resurfaced because the new problem reveals the location of temporary Internet files or folders.
Guninski made the discovery public on the Bugtraq security mailing list. He wrote: "Once a temporary Internet files folder name is known, it is possible to cache a '.chm' in any temporary Internet files folder and then use 'window.showHelp()' to execute it.There are other ways to execute programs once a temporary Internet files folder is known and document is cached in it, but 'showHelp()' seems to be the simplest."
Guninski spends a lot of time finding holes in Microsoft's software. Previously the software giant has criticised him for the short notice period he gives before going public with the flaw. Guninski informed the company about the latest hole on 15 November. ®