We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft offers patch for IE security holes

Two vulnerabilities put web browser in 'critical' condition

Microsoft released a security patch on Thursday designed to fix two security vulnerabilities in certain versions of its Internet Explorer web browser, the company said in a bulletin on its website.

One hole could allow a malicious script embedded in a cookie to be run in an area of a user's PC known as the 'local computer zone', where it could alter or delete files on a user's PC. Most scripts embedded in cookies are supposed to be run in an area known as the internet zone, which places tighter restrictions on how programs can behave.

A second vulnerability involves the way object tags are handled and could allow an attacker to invoke an executable file already present on a user's machine, Microsoft said. A malicious hacker could create a web page that includes the object tag and cause the executable to run, the company said.

Users are advised to read Microsoft's security bulletin on its website, which includes instructions on how to download a software patch designed to fix the problems. They affect Internet Explorer 5.01 and 5.5 and Internet Explorer 6.0, Microsoft said. The patches available are cumulative, meaning they include the functionality of all previously released patches for those versions of Internet Explorer.

The bulletin is available here.


IDG UK Sites

Sony Xperia Z3 Compact review: A better deal than the Z3 and most smartphones

IDG UK Sites

Why people aren't upgrading to iOS 8: new features are for power users, not the average Joe

IDG UK Sites

Framestore recreates ancient China for Mr Bean's martial arts misadventure

IDG UK Sites

iPad Air 2 review: Insanely fast and alarmingly thin. Speed tests, camera tests and more