Nice big IE patch now available
-
clickety This patch evidently eliminates that nasty virus that stores it's payload within an embedded frame. Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES. <breathes deeply into paper bag> I must be getting 100-200 of them a day. cheers, Chris Maunder
-
clickety This patch evidently eliminates that nasty virus that stores it's payload within an embedded frame. Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES. <breathes deeply into paper bag> I must be getting 100-200 of them a day. cheers, Chris Maunder
How big is big, before I start this download so close to bedtime? :confused: Michael Martin Australia mjm68@tpg.com.au "In Summer, I like to dance naked on the roof to celebrate the event of the temperature finally falling below 40C (usually about midnight). But the neighbors have lately taken up the habit of staying up late. And looking up, at times, from their dreary, pointless lives..." - Roger Wright 15/05/2002
-
How big is big, before I start this download so close to bedtime? :confused: Michael Martin Australia mjm68@tpg.com.au "In Summer, I like to dance naked on the roof to celebrate the event of the temperature finally falling below 40C (usually about midnight). But the neighbors have lately taken up the habit of staying up late. And looking up, at times, from their dreary, pointless lives..." - Roger Wright 15/05/2002
roughly 2mb, depending on what version of IE you have -- Help me! I'm turning into a grapefruit!
-
clickety This patch evidently eliminates that nasty virus that stores it's payload within an embedded frame. Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES. <breathes deeply into paper bag> I must be getting 100-200 of them a day. cheers, Chris Maunder
-
clickety This patch evidently eliminates that nasty virus that stores it's payload within an embedded frame. Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES. <breathes deeply into paper bag> I must be getting 100-200 of them a day. cheers, Chris Maunder
Chris Maunder wrote: Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES LOL. Get yourself a decent domain host/ISP. All my pop mail gets virus scanned on the pop server before I get it, and anything I send out gets scanned on the SMTP server before it goes out onto the web. So it's impossible for me to receive a virus (unless it's one that *none* of the AV software has a sig for) or for me to spread one if it gets as far as my machine. I don't run any client AV s/w, and haven't done so for 6 years - and I've never had a virus. :-D Mark ________________________ http://www.webreaper.net
-
clickety This patch evidently eliminates that nasty virus that stores it's payload within an embedded frame. Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES. <breathes deeply into paper bag> I must be getting 100-200 of them a day. cheers, Chris Maunder
Too late :), I got it installed already, but from windowsupdate.microsoft.com. I just wonder, does somebody use it or do you prefer to download and install updates manually? Martin
-
clickety This patch evidently eliminates that nasty virus that stores it's payload within an embedded frame. Will everyone in the world kindly update their IE and also install an antivirus filter and PLEASE STOP SENDING ME VIRUSES. <breathes deeply into paper bag> I must be getting 100-200 of them a day. cheers, Chris Maunder
-
Too late :), I got it installed already, but from windowsupdate.microsoft.com. I just wonder, does somebody use it or do you prefer to download and install updates manually? Martin
-
Too late :), I got it installed already, but from windowsupdate.microsoft.com. I just wonder, does somebody use it or do you prefer to download and install updates manually? Martin
I've set up all the machines under my control (oh the sheer power of it!) to check with Windows Update automatically and notify me if there are any new hotfixes available. Then it's just a case of typity typity type... ballon("a new update is avilable") ... ok... typity typity type. Then I just click on the WU icon before I shut down the machine, and install the fix(es). ____________________ David Wulff hu·mour Pronunciation Key (hymr) n. & v. Chiefly British Dave's Code Project Screensaver and Wallpaper page.
-
They are bundling old and new patches now.... Me thinks that is so they can patch all holes without having to tell what they are. I didnt find what the new patches where anyway. (but after clicking down 3 levels of new IE windows i gave up) X| /Magnus
Here's a copy/paste of the Issues portion of the e-mail alert This is a cumulative patch that includes the functionality of all previously released patches for IE 5.01, 5.5 and 6.0. In addition, it eliminates the following six newly discovered vulnerabilities: - A cross-site scripting vulnerability in a Local HTML Resource. IE ships with several files that contain HTML on the local file system to provide functionality. One of these files contains a cross-site scripting vulnerability that could allow a script to execute as if it were run by the user herself, causing it to run in the local computer zone. An attacker could craft a web page with a URL that exploits this vulnerability and then either host that page on a web server or send it as HTML email. When the web page was viewed and the user clicked on the URL link, the attacker's script injected into the local resource, the attacker's script would run in the Local Computer zone, allowing it to run with fewer restrictions than it would otherwise have. - An information disclosure vulnerability related to the use of am HTML object provides that support for Cascading Style Sheets that could allow an attacker to read, but not add, delete or change, data on the local system. An attacker could craft a web page that exploits this vulnerability and then either host that page on a web server or send it as HTML email. When the page was viewed, the element would be invoked. Successfully exploiting this vulnerability, however, requires exact knowledge of the location of the intended file to be read on the user's system. Further, it requires that the intended file contain a single, particular ASCII character. - An information disclosure vulnerability related to the handling of script within cookies that could allow one site to read the cookies of another. An attacker could build a special cookie containing script and then construct a web page with a hyperlink that would deliver that cookie to the user's system and invoke it. He could then send that web page as mail or post it on a server. When the user clicked the hyperlink and the page invoked the script in the cookie, it could potentially read or alter the cookies of another site. Successfully exploiting this, however, would require that the attacker know the exact name of the cookie as stored on the file system to be read successfully. - A zone spoofing vulnerability that coul