http://www.vnunet.com/vnunet/news/2135289/internet-explorer-springs-leaks Tom Sanders in California vnunet.com 17 May 2005 Security researchers have reported a high-risk flaw in Microsoft's Outlook and Internet Explorer. The hole could allow malicious code to be executed with minimal user interaction, according to security firm eEye Digital Security. The company claims to have notified Microsoft about the flaw on 5 May. A spokeswoman for Microsoft confirmed that the company has been notified, and is investigating the issue. "At this time, Microsoft is not aware of any malicious attacks attempting to exploit the reported vulnerabilities, and there is no customer impact based on this issue," she said. The defect affects systems running Windows NT, 2000, XP and at least some versions of Windows 2003. EEye notified Microsoft about two other flaws in Internet Explorer and Outlook on 16 March and 29 March, but the software giant has yet to release a patch for the problems. Microsoft usually releases patches on a monthly basis to allow systems administrators to plan for the fixes, although an out-of-cycle patch can be issued in emergencies. _________________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Wed May 18 2005 - 15:56:40 PDT