March 20, 2006 2:28 PM PST
New bug can crash Internet Explorer
- Related Stories
-
Microsoft updates IE after patent spat
February 28, 2006 -
Attack code out for latest Microsoft flaw
February 16, 2006 -
Microsoft patch jams up IE
December 16, 2005 -
Patches out for IE holes, Sony-related issue
December 13, 2005
Details of the security weakness in the Web browser were published on a popular security mailing list last week by researcher Michal Zalewski. "This might not come as a surprise, but there appears to be a very interesting and apparently very much exploitable overflow in Microsoft Internet Explorer," he wrote.
The flaw can be exploited by an attacker to crash IE, Secunia said in an advisory published Monday. The vulnerability has been confirmed on a fully patched PC running IE 6 and Windows XP with Service Pack 2, the security monitoring company said. Secunia deems the issue "not critical."
Microsoft is investigating the issue, a company representative said in an e-mailed statement. "At this time, we are not aware of any attacks attempting to use the reported vulnerability," the representative wrote.
Once it completes its inquiry, Microsoft said, it may issue a security advisory or provide a patch through its monthly release process.
See more CNET content tagged:
Microsoft Internet Explorer 6,
Microsoft Internet Explorer,
flaw,
security,
Microsoft Corp.

spyware. All of a sudden -- the hard drive goes nuts and CRASH IE
is taken out.
Wake up and by a Mac!
~Justin
Thats weird.
or Opera and say goodbye to IE
Microsoft needs to do an investigation to find the programmer(s) responsible,
and work together with other software companies to develop a blacklist so that
incompetents don't just move on to another unsuspecting employer.
The obvious answer to why a "security firm" would publish such information, information it deems "non-critical" and information surrounding a hole that has never been exploited by any entity except the "security firm" itself, is that the publication of such information is positive PR for the security firm itself. Outside of self-promotion for the "security firm," this information has no *positive* value whatsoever.
This is akin to Symantec publishing details of a virus that no one has ever contracted, and that no one has ever written before, in the hopes that someone will take this information and write a virus with it so that Symantec could then provide a "cure."
This "security firm" nonsense is a racket, pure and simple. A pity that so few people can see past the length of their own shallow prejudices to see it.
my appreciation, I have removed all copies of IE from my PC's too,
as much as IE can be removed from Windows. MS really welded IE
into Windows to beat out Netscape.
There were key PCs tasked to monitoring only, that were infected with viruses while the "host of other issues" were playing out. Trees take down power lines all the time, are you telling me the blackout of '03 was the only instance where trees took down lines? It was because of Microsoft infected devices tasked to monitoring this event failing, that action was not taken in a timely matter that may have prevented the blackout. That's where those of us not being paid off point fingers, with untainted common sense.
So why is it that almost all the complaining is from people who don't even use microsoft software? Oh, come on... you're so easy to spot... "M$, Micro$oft, Windoze, Just another example, etc, etc, etc." You have no right to complain; YOU DON'T EVEN USE IT.
I've had about enough from you MAC boys and Linux groupies. I'm not talking about everyone who uses Linux or MAC. Nope, just those of you who have nothing better to do with your pathetic, useless life than constantly complain about an OS you don't even use. Don't like my post? Byte me!
I kinda thought I made it pretty clear that I was nearly exhausted and got ahead of myself - forgetting to go back and re-read before posting. Had I, I would have corrected that first part to read so that it was clear that the Tabbrowsing did exist on IE (NOW, like after it had long been a feature in Mozilla projects - same as RSS feeds and anti-pop-up and phishing features) Features that mysteriously didn't appear in IE until they began to see some market erosion.
So - can you write a add-on to IE that enables even more flexibility to the Tabs? Probably not.
Can you write a feature to add enormous functionality in other parts of IE - no - you probably cannot.
By the way - can you remember the original instruction set for the 4086 processor - you know - the one that preceded the 8086 that was originally used in the first IBM PC's?
Yeah, I probably have forgotten more advanced programming techniques from the previous generations than you have mastered in the current.
Do you also have any in depth analog computing experience behind you? How about computers that don't even use electricity (like the pnuematic/hydraulic forced balance analogs I was responsible for on the USS Ranger)?
30 years and then some - but ONLY 30 as a recognized professional. The earlier work only got me statewide recognition in Ohio - and numerous scholarship offers while I was still in high school. Doing stuff like operational amplifier research and early gated logic circuits.
- THIS is NEWS?
-
by dlmeyer
March 21, 2006 10:14 PM PST
- I'm a Mac guy. I'm a Mac guy in part because I'd rather not deal
-
Reply to this comment
View
reply
-
-
See all 72 Comments >>with Microsoft's standard of 'excellence' unless I'm paid for the
effort. I firmly believe things about Microsoft that could get me
sued for slander or libel or some such.
Know where I'm coming from? OK. I'm telling you that this is not
a big deal. the bug allows a remote site to crash your browser.
While that is more of a disaster than has been successfully
visited on many Mac users, this is worth an uproar because ...? It
could annoy you by closing your other tabs ... oh, does IE have
those yet? It's no big deal! You restart IE and don't return to that
site ... and just what will you tell your wife or boss you were
doing there anyway?
Please ... even an enemy of the Evil Empire can't get roused over
this one.