October 27, 2006 3:21 PM PDT
Another flaw in IE 6 found
Microsoft is investigating a flaw in Internet Explorer 6, according to a posting on the software maker's Security Response Center blog. The ADODB.Connection ActiveX control in Internet Explorer 6.x may contain a vulnerability that can cause memory corruption, and therefore crash the browser.
It is possible this new threat, considered by Microsoft to be a low risk, could be used by criminal hackers for so-called "drive-by" downloads. This vulnerability has been assigned a National Vulnerability Database number of CVE-2006-5559. For instructions on disabling ActiveX, see this US-CERT document.
8 commentsJoin the conversation! Add your comment