There is a severe bug in Internet Explorer 5's security system concerning ActiveX components on web pages. If you go to a web page that has an evil ActiveX component (for example, the component shuts down Windows) and tell IE to run the component, of course it runs it. After that you know that you do not want to run that component. But what happens when you go to that page later? IE5 asks whether you want to run this component or not. Say no, and it still runs it! So all it takes is one little mistake to run the component and it will be run every time you go to a page with that component. And think what will happen, if the component doesn't do its damage the first time, but the second time or later. Even if you don't want to run it, it will be run. And it might not even be shown on the screen. -- Sami Kuhmonen | samiat_private | http://feenix.iqs.fi/ iQs Partners Finland | iqsat_private | http://www.iqs.fi/ !!Webhotellit ilman avausmaksua!! | http://www.saitti.net/ * Tutustu verkkokauppaan! | http://kauppa.iqs.fi/ *
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:54:50 PDT