Serious security flaws in Windows, IE go public

MS has an Easter present for all the sysadmins out there: major security holes in Internet Explorer and in Windows (if the two things can be separated...) The IE vulnerabilities, described in this security bulletin, allow malicious sites to do Bad Things to your computer. (Thanks Dakar.) You can grab a patch here.

The Windows vulnerability affects both NT and 2000, and it's similar to a root exploit in Unix. The attacker can gain admin privileges and go to town. There's no fix yet for the Windows vulnerability, according to CNET's report on the problem. However, the security hole apparently isn't easily used over a network; console access is required. (Credit billb for sending this one.)

Tip: You can use the A/Z keys to walk threads.
View options

This discussion is now closed.