I can't find this patch/update. Checked the Windows XP update site and IE 6 site???
Microsoft plugs six browser holes
By Robert Lemos
Staff Writer, CNET News.com
February 11, 2002, 5:20 PM PT
news.com.com
Microsoft released a collection of software fixes Monday to plug six security problems in its Internet Explorer browser, including one that could be exploited to take over a victim's computer.
The advisory deemed as critical a vulnerability in the way Microsoft's browser opens external documents, but about which the software giant would say little for the past two months.
"We have said that the issue is under investigation," said a representative for the software giant.
The software flaw took Microsoft by surprise when a 31-year-old Austin, Texas-based security researcher using the handle "ThePull" posted details of the problem to a security mailing list.
The collection of software fixes, known as a cumulative patch, also fixes two flaws in the way Internet Explorer handles HTML, opens files, and executes certain scripts.
The release comes 48 hours after two security researchers pointed out that the security hole found in December can be combined with last week's minor privacy flaw in MSN Messenger to hijack MSN accounts.
"The flaw allows a malicious programmer, Web site or e-mail to impersonate you completely," said Thor Larholm, an Internet programmer for Danish portal Jubii and one of two researchers who found the problem. "You can, in essence, use this to remote-control a victim."
Stang |
