We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Microsoft offers patch for IE security holes

Two vulnerabilities put web browser in 'critical' condition

Microsoft released a security patch on Thursday designed to fix two security vulnerabilities in certain versions of its Internet Explorer web browser, the company said in a bulletin on its website.

One hole could allow a malicious script embedded in a cookie to be run in an area of a user's PC known as the 'local computer zone', where it could alter or delete files on a user's PC. Most scripts embedded in cookies are supposed to be run in an area known as the internet zone, which places tighter restrictions on how programs can behave.

A second vulnerability involves the way object tags are handled and could allow an attacker to invoke an executable file already present on a user's machine, Microsoft said. A malicious hacker could create a web page that includes the object tag and cause the executable to run, the company said.

Users are advised to read Microsoft's security bulletin on its website, which includes instructions on how to download a software patch designed to fix the problems. They affect Internet Explorer 5.01 and 5.5 and Internet Explorer 6.0, Microsoft said. The patches available are cumulative, meaning they include the functionality of all previously released patches for those versions of Internet Explorer.

The bulletin is available here.


IDG UK Sites

Sky to offer mobile phone contracts with O2: Will Vodafone make a move?

IDG UK Sites

Windows 10: a guaranteed success. Probably.

IDG UK Sites

Do we need to fight the government again over design and art education?

IDG UK Sites

How to make money selling books on the iBookstore, publish your book in Apple's book store