Researcher: Microsoft Patch Opens Users to Attack
Robert Lemos writes over on SecurityFocus:
Microsoft is rushing to fix a flaw introduced by the company's latest security update to Internet Explorer--a flaw that opens Windows users to attack, a security firm said on Tuesday.More here.
The flaw, initially thought to only crash Internet Explorer, actually allows an attacker to run code on computers running Windows 2000 and Windows XP Service Pack 1 that have applied the August cumulative update to Internet Explorer 6 Service Pack 1, security firm eEye Digital Security asserted. The update, released on August 8, fixed eight security holes but also introduced a bug of its own, according to Marc Maiffret, chief hacking officer for the security firm, which notified Microsoft last week that the issue is exploitable.
posted by Fergie @ 8/22/2006 01:50:00 PM
0 Comments:
Post a Comment
<< Home