ITinfo: Microsoft Security Hole via Web and Email

Internet Explorer Shot Again

Another security hole found in MS browser

ITINFO Sponsor

New Release: The Training Book, Volume 2

ITrain has limited pre-release copies of volume 2 of The Training Book, the handbook for trainers. Through an in-depth review of 67 articles, The Training Book demonstrates quickly and succinctly the steps you must take to become a great trainer.

Pre-release copies may be ordered today through the association's secure website, and quantities are limited.

Order your copy today!

Internet Poll

Have you attended a seminar via e-learning?

	yes
	no
poll archive

Microsoft Security Hole via Web and Email

by Dave Murphy
ISSN 1535-3613

Microsoft confirms that IE (Internet Explorer) is vulnerable to attacks from net crackers and other ne'er-do-wells.

Georgi Guninski, a JavaScript bug hunting champion, found the security hole and recommends disabling Active Scripting in IE. I agree. Until a fix is posted by Microsoft, access can be granted to files on web surfers' hard drives from malicious code posted to a website or included in the body of an HTML email message.

The problem is found in IE's search command, NavigateAndFind, which commands the browser to find a webpage and highlight a portion of text.

Call for Comments

What do you think? Leave your comments on the message center.

References

Microsoft
Message Center

Damar Group, Ltd. helps business use technology.

ITINFO is again accepting sponsors. Sponsor messages are included in ITINFO's email newsletter and are permanently posted to DGL's website and online reference areas.

ITINFO is an electronic publication of Damar Group, Ltd., publisher of Training Express computer learning guides. Comments and submissions to info@dgl.com.

Previous issues are on our website at http://dgl.com/itinfo/.

updated December 23, 1999
http://dgl.com/itinfo/1999/it991223.html