January 3, 2002 5:50 PM PST

Microsoft alerts Passport users to patch IE

By Stefanie Olsen
Staff Writer, CNET News

Share
- Digg
- Del.icio.us
- Reddit
- Facebook
Email
Print

Related Stories: Microsoft issues patch for "serious" XP hole
December 20, 2001; Microsoft rushes to close IE security hole
December 14, 2001; New pack fixes Office XP bugs
December 13, 2001; IE security hole leads to cookie jar
November 9, 2001

Microsoft is pressing .Net Passport users to install a patch for some versions of its browser nearly two months after it fixed a security flaw that threatens their personal data online.

The Redmond, Wash.-based company has sent millions of e-mail notifications in the past month to Passport users, urging them to visit a special Web page to determine whether Internet Explorer needs a security upgrade.

"The reason for the 'canvassing' approach is that we feel that we need to do everything to make users aware of fixes to browser issues that could affect their Passport experience," said a Microsoft representative. "The fundamental architecture of IE and .Net Passport continues to be safe and secure for consumers."

The move illustrates Microsoft's sensitivity to the possibility of ongoing security risks, since many customers often ignore fixes to flawed software. Although Microsoft has not tracked how many people applied the IE fix, the company has said the issue has been a problem in the past.

The fix is meant to shore up a known vulnerability in IE 5.5 and 6.0. In November, Microsoft warned that the flaw could expose personal data contained within cookies--tiny electronic files used by Web sites to file account information or personalize pages. The flaw could allow an outsider to break into cookies and steal or alter data from Web accounts, including credit card numbers, usernames and passwords.

The software maker has been racked with security problems of late. Just two weeks ago, Microsoft released a fix for a security hole in Windows XP that could leave some systems open to a malicious attack. At the time, Microsoft recommended that every Windows XP customer apply the patch immediately.

In November, security flaws were found in Microsoft's Passport authentication system, causing the software maker to remove part of the service from the Internet. The privacy breach in the Passport service, which keeps track of data used by e-commerce sites, potentially exposed the financial data of thousands of consumers, undermining Microsoft's recent efforts to convince people that it is serious about security.

For the IE fix, Microsoft said it has sent e-mail to 25 million Passport subscribers and newsletters via Hotmail and MSN Internet access accounts.

Latest tech news headlines

Facebook botnet risk revealed
Posted in News - Security by Elinor Mills

September 6, 2008 1:44 PM PDT
Security firm spots Chrome 'SaveAs' flaw
Posted in News - Security by Jonathan Skillings

September 6, 2008 11:33 AM PDT
At 10 years old, whither Google?
Posted in News - Digital Media by CBS Interactive staff

September 6, 2008 10:15 AM PDT

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

Inside CNET News

Scroll Left Scroll Right

News - Business Tech
Chrome's JavaScript challenge to Silverlight
The advent of Google's Chrome browser, software pros say, should spur a big speedup for JavaScript, which would raise its standing against Microsoft's Silverlight technology.
Gallery
Photos: Top 10 reviews of the week
Here are CNET Reviews' 10 favorite items from the past week, including the TiVo HD XL, Sony Cyber-shot DSC-H50, and the Dish Network's newest digital TV converter box.
News - Apple
Apple watchers spot 'iPod Nano' pix, iTunes hints
The rumor mill has long been predicting a longer, leaner new version of the iPod Nano, and now it's conjuring up some pictures.
Outside the Lines
EIC Squared: Chrome, iPods, and a Dell-Salesforce union
On this week's EIC Squared podcast CNET's Dan Farber and ZDNet's Larry Dignan discuss Google's latest rocket launch--the Chrome browser--as well as Apple's iPod event next week and a Dell-Salesforce.com union.
Video
Katie Couric reflects on first Webcast
The political conventions are over and so are CBS Evening News anchor Katie Couric's first series of Webcasts. CNET's Kara Tsuboi sat down with Couric on the final night of the Republican National Convention to discuss what she liked about Webcasting, some of her most memorable guests, and whether TV news will still be around by the next round of conventions.
News - Digital Media
At 10 years old, whither Google?
Daniel Sieberg of CBS News looks at how the company grew exponentially from start-up to superstar and part of our culture, but what's ahead?
Video
YouTube plays party politics
During the presidential campaigning four years ago, YouTube didn't even exist. Now it's a tool candidates must master to get their message across. CNET's Kara Tsuboi stops by the YouTube upload booths at the Democratic and Republican conventions to find out why Google's video site has such a big presence in Denver and St. Paul, Minn.
News - Gaming and Culture
Are Demo and TechCrunch50 fragmenting their audiences?
With both events scheduled to start Monday, many press, as well as venture capitalists and others are having to choose which one to attend.
News - Cutting Edge
Execs predict next Google-like tech
On eve of company's 10-year anniversary, researchers and business pundits speculate about what technologies might someday have as much impact as Google.
Gallery
Images: The art of 'Spore' prototypes
Will Wright and his Maxis team worked on dozens of prototypes to test the elements of their soon-to-be-released evolution game. Here's a sampling.
Webware
Mozilla releases second Firefox 3.1 alpha
Added features include support for a new video tag element introduced with the HTML 5 standard, along with some speed enhancements.
Green Tech
Duke Energy to invest in mini solar power plants
Can hundreds of rooftop solar panels collectively operate like a central power plant? Duke Energy launches $100 million distributed solar program to find out.