New super patch for IE fixes six new flaws

About InfoWorld : Advertise : Subscribe : Contact Us : Awards : Events : Store

NEWS

New super patch for IE fixes six new flaws

By Joris Evers
August 23, 2002 4:33 am PT

MICROSOFT LATE Thursday issued a cumulative patch for its Internet Explorer Web browser that also fixes six new vulnerabilities, the most serious of which could enable an attacker to take control over a user's system, Microsoft said.

ADVERTISEMENT

<a href="http://ad.doubleclick.net/jump/idg.us.info.news/article;abr=!ie;pos=imu;pkey=archive_cat;skey=;paud=;saud=;sz=336x280;tile=2;ord=575704240708?"> <img src="http://ad.doubleclick.net/ad/idg.us.info.news/article;abr=!ie;pos=imu;pkey=archive_cat;skey=;paud=;saud=;sz=336x280;tile=2;ord=575704240708?" border="0"> </a>

Free IT resource

Virtualization Insights from Top Experts - Learn how virtualization gets real!

TOP NEWS

IT SOLUTION SEARCH

All currently-supported versions of Internet Explorer, 5.01, 5.5, and 6.0, are affected, putting tens of millions of Internet users at risk. Internet Explorer is the world's most popular Web browser. Microsoft urges all users to immediately apply the patch, it said in security bulletin MS02-047.

Versions of Internet Explorer that are no longer supported could also be vulnerable, Microsoft noted.

A cumulative patch is a patch that includes all previously released fixes for a software product. The six newly patched vulnerabilities exist in various parts of Internet Explorer and mainly put client systems at risk, but Microsoft deems the super patch "critical" for Internet and Intranet servers too.

Three of the six new flaws enable an attacker to run code on a user's system, while other vulnerabilities could be exploited to read files on a user's computer, trick the user into downloading malicious code or run script on the user's system, Microsoft said.

In addition to fixing the vulnerabilities, the patch package also permanently disables two vulnerable ActiveX controls, one linked to the MSN chat application and one to a feature for terminal services sessions, Microsoft said. ActiveX controls are small programs designed to perform a single task.

Microsoft's security bulletin and the patch can be found at: http://www.microsoft.com/technet/security/bulletin/MS02-047.asp

Related articles

New IE flaw enables remote PC attacks Microsoft offers fix for two IE security holes Microsoft battles old, new security holes with IE patch

Joris Evers is an Amsterdam correspondent for the IDG News Service, an InfoWorld affiliate.

SPONSORED WHITE PAPERS

EMC - Lower costs and improve reliability-Get the EMC CLARiiON white paper!
Ciphertrust - Are you ready for Sobig.G? Learn how to protect your email systems.
CDW - Personal attention. CDW. The Right Technology. Right Away.
EMC - Explore key performance features and capabilities of EMC ControlCenter 5.1.1.
Intel - Free Intel white paper shows you how to deploy a secure wireless LAN
Cisco - FREE WHITE PAPER: BLUEPRINT to design and implement secure VPNs
Verity, Inc. - "Mass Consolidation Hits the Web-Search Market"
McDATA - Download a FREE storage consolidation white paper from McDATA(R).
Lucent Technologies - Overcoming Common Firewall Limitations
Lucent Technologies - Leverage Your Mobile High Speed Data Access. Download Free White Paper!
Nokia - Get the scoop! Mobilizing business white papers & case studies.
BMC Software - Maximize the Potential of Enterprise Data: Free white paper!
Network Associates - Free white paper - Strategies for Optimizing Network Costs and Benefits
Entrust - Manage identities across applications. Improve productivity.
Stalker Software - CommuniGate Pro - Transform your Email and Calendaring
Remedy - A NEW Gartner Research Note:Producing Quality IT Services

Search the IDG White Paper Library:

SPONSORED LINKS

INFOWORLD MARKETPLACE

» Hot Stock Alert (TMDI)
Telemedicus - Medical Communication Top Telemedicine Technology
» Apply BPM and ITIL at your IT Help Desk
ServiceWise brings BPM to complete IT service while eliminating integration cost. Learn more here.
» EMC delivers high-speed image capture, storage
Learn how you can quickly capture, organize, and deliver information with EMC ApplicationXtender.
» Register for your free VMWare Virtualization kit!
VMware virtualization takes the cost and complexity out of IT Download this free kit to learn how.
» FREE Sophos Threat Detection Test
Is your AV catching everything it should? Free virus, spyware and adware scan.

>> BUY A LINK NOW

	HOME NEWS TEST CENTER OPINIONS PRODUCT GUIDE TECHINDEX	About : Advertise : Subscribe : Contact Us : Awards : Events
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy

All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services.

Computerworld :: Network World :: CIO :: PC World :: Darwin :: CMO :: CSO
IT Careers :: JavaWorld :: Macworld :: Mac Central :: Playlist :: GamePro :: GameStar :: Gamerhelp
ITWorld Canada :: Computerwoche :: Techworld UK :: tecChannel :: IDG.se :: IDG.no