October 27, 2006 3:21 PM PDT

Another flaw in IE 6 found

By Robert Vamosi
Special to CNET News.com

Related Stories: Mozilla rebuts Firefox 2 bug reports
October 25, 2006; Spoofing bug found in IE 7
October 25, 2006; Zero-day attacks continue to hit Microsoft
September 27, 2006; Security pros provide interim IE patch
September 22, 2006

Microsoft is investigating a flaw in Internet Explorer 6, according to a posting on the software maker's Security Response Center blog. The ADODB.Connection ActiveX control in Internet Explorer 6.x may contain a vulnerability that can cause memory corruption, and therefore crash the browser.

It is possible this new threat, considered by Microsoft to be a low risk, could be used by criminal hackers for so-called "drive-by" downloads. This vulnerability has been assigned a National Vulnerability Database number of CVE-2006-5559. For instructions on disabling ActiveX, see this US-CERT document.

See more CNET content tagged:
flaw, Microsoft Internet Explorer 6, Microsoft Internet Explorer, Microsoft Corp., Web browser

8 comments

Join the conversation! Add your comment (Log in or register)

Simple solution

Never use IE (6 or 7) except for Windows Update. IMO, it's too big a
security risk. Set it on High Security and leave it alone.

Posted by rcrusoe (1307 comments )

October 29, 2006 3:57 AM (PST) Like Reply Link Flag

but..: aren't you using IE every time you use windows? Isn't that how you
navigate the file system?
Posted by Jesus#2 (127 comments ): October 30, 2006 7:12 PM (PST) Like Link Flag

Better solution: Never use IE6, use IE7. IE7 is not a security risk IMHO. Leave the default settings, make sure you have a firewall, anti-spyware and anti-virus all up-to-date and have fun surfing the Internet.
Posted by Ryo Hazuki (378 comments ): October 31, 2006 10:50 AM (PST) Like Link Flag

thank heavens Vista will fix everything...

... Bill Gates would never lie, would he...?

Posted by W2Kuser (33 comments )

October 29, 2006 6:34 PM (PST) Like Reply Link Flag

To bad ignorance is still an anti-Microsoft pre-requisite...: Did he ever say that?
Posted by Ryo Hazuki (378 comments ): October 31, 2006 11:04 AM (PST) Like Link Flag

getfirefox.com

getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com getfirefox.com

Posted by sadchild (261 comments )

October 30, 2006 5:27 AM (PST) Like Reply Link Flag

Or get something better (the market-leading web browser): Microsoft Windows Internet Explorer 7: <a class="jive-link-external" href="http://www.microsoft.com/windows/ie/downloads/default.mspx?mg_id=10013" target="_newWindow">http://www.microsoft.com/windows/ie/downloads/default.mspx?mg_id=10013</a>.
Posted by Ryo Hazuki (378 comments ): October 31, 2006 11:08 AM (PST) Like Link Flag

Join the conversation

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

Markets: Market news, charts, SEC filings, and more; Related quotes; Microsoft (-0.03%) -0.01 29.06; Dow Jones Industrials (-0.60%) -74.92 12,454.83; S&P 500 (-0.22%) -2.86 1,317.82; NASDAQ (-0.07%) -1.85 2,837.53; CNET TECH (-0.20%) -4.05 2,040.30

Recently Viewed Products
My Lists
My Software Updates
Promo
Log In | Join CNET

Another flaw in IE 6 found

Mozilla rebuts Firefox 2 bug reports

Spoofing bug found in IE 7

Zero-day attacks continue to hit Microsoft

Security pros provide interim IE patch

Join the conversation

Report offensive content:

E-mail this comment to a friend.

Warning! You will be deleting this comment and all its replies (if applicable).

Most Popular

RSS Feeds

RSS

my Yahoo

Google

MSN