Feeds

MS quashes infamous Bofra bug

IFRAME fix

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Microsoft broke with its normal patching schedule yesterday to issue a fix for the notorious IFRAME vulnerability in Internet Explorer.

Windows XP SP2 users were immune to the vulnerability, which was exploited by the Bofra worm. Surfers using Mozilla Firefox and Opera browsers were not affected. But users of older versions of IE were left in the firing line from 2 November, when the vulnerability was discovered, until Microsoft’s cumulative patch yesterday.

Microsoft describes its fix for the IFRAME (AKA HTML Elements) vulnerability as critical. Users of IE 6.0 on Windows XP SP1, Windows 2000 (SP3 and SP4) and Windows NT4 are strongly urged to apply Microsoft’s cumulative patch. Microsoft's advisory is here.

Redmond's next scheduled monthly patch update is Tuesday, 7 December. ®

Related stories

Watch out there's an IE bug about
Bofra worm sets trap for unwary
Bofra exploit hits our ad serving supplier
Bofra exploit tied to 'massive botnet'

Beginner's guide to SSL certificates

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.