[ISN] Internet Explorer springs more leaks

From: InfoSec News (isn@private)
Date: Wed May 18 2005 - 00:11:38 PDT


http://www.vnunet.com/vnunet/news/2135289/internet-explorer-springs-leaks

Tom Sanders in California
vnunet.com 
17 May 2005

Security researchers have reported a high-risk flaw in Microsoft's
Outlook and Internet Explorer.

The hole could allow malicious code to be executed with minimal user
interaction, according to security firm eEye Digital Security. The
company claims to have notified Microsoft about the flaw on 5 May.

A spokeswoman for Microsoft confirmed that the company has been
notified, and is investigating the issue.

"At this time, Microsoft is not aware of any malicious attacks
attempting to exploit the reported vulnerabilities, and there is no
customer impact based on this issue," she said.

The defect affects systems running Windows NT, 2000, XP and at least
some versions of Windows 2003.

EEye notified Microsoft about two other flaws in Internet Explorer and
Outlook on 16 March and 29 March, but the software giant has yet to
release a patch for the problems.

Microsoft usually releases patches on a monthly basis to allow systems
administrators to plan for the fixes, although an out-of-cycle patch
can be issued in emergencies.



_________________________________________
InfoSec News v2.0 - Coming Soon!
http://www.infosecnews.org



This archive was generated by hypermail 2.1.3 : Wed May 18 2005 - 15:56:40 PDT