Hi,

Internet Explorer 6.0 could inherit weakness from IE 5.x if not patched properly.

Both Nimda and Badtrans-B, as well as others, exploit the Iframe weakness as described in MS01-20. This is a minor issue but appears when you're updating an unpatched version of IE to version 6.0. The problem is not really the patch, but the way you update from a vulnerable IE to the latest IE6.0.

If you choose to update a vulnerable version of IE5.1 or IE5.5 SP1 with the latest version of IE6.0 using the minimal installation option, then the weakness described in MS01-20 will affect IE6.0 as well. This is very likely because the affected files (described in MS01-20) are not being properly updated/overwritten with the minimal installation option in IE6.0. This would also explain why some administrators have reported that their Internet Explorer 6.0 is vulnerable to the Iframe exploit used by Nimda and Badtrans-B.

Some private users and SOHOs might consider the minimal installation. The default IE6.0 is rather large for a dial-up user or a small office with small bandwidth.

This minor issue has been confirmed by Microsoft. Microsoft fairly points out that this is NOT the default installation for IE 6.0. This has been noted, and as stated earlier, this is a minor issue.

Kind regards
Peter Kruse
Security & Virusresearch
Telia Telecom A/S
Søren Frichsvej 34C - DK 8230 Åbyhøj
Email: pkrat_private - Mobile: +45 2827 9785

This archive was generated by hypermail 2b30 : Fri Dec 07 2001 - 08:26:51 PST