We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,059 News Articles

Microsoft issues security bulletins for IE and XP

Software giant warns of vulnerabilities

Software giant Microsoft yesterday issued two security advisories, pointing to a "critical" flaw in its Internet Explorer browser and a second, less severe problem with its Windows XP operating system.

The problem with Internet Explorer stems from a security function in the software designed to stop one domain, such as a website, from sharing information with another domain. Microsoft has discovered that such information sharing can occur when certain dialog boxes are used.

An attacker could create a web page that takes advantage of the flaw and uses it to run malicious code — possibly in the form of an executable file — on a computer used to visit the page, Microsoft said. A related vulnerability allows an attacker to access a user's system via HTML (hypertext markup language) pages that display help content, Microsoft said.

The company recommended that users with Internet Explorer versions 5.01, 5.5 and 6.0 download a patch for these problems. The security bulletin, including links to the patch, is available here.

The second warning, for Windows XP, concerns a problem in the Windows Redirector software, which is used to access local and remote files. By sending bad data to the Redirector a hacker could cause a system to fail or, if the data were crafted in a particular way, run malicious code on the user's computer.

The flaw in XP can't be exploited remotely and an attacker would need the ability to log on to a system to run programs that use the Redirector, according to Microsoft. Nevertheless, it said users should consider installing its security update for the problem and rated it an "important" issue.

The security bulletin can be viewed here.


IDG UK Sites

How to watch Samsung Galaxy Note 4 launch live: Unpacked 2014 Episode 2 at IFA

IDG UK Sites

How Apple, Adobe, Microsoft and others have let us down over UltraHD and hiDPI screens

IDG UK Sites

Miranda July's Somebody app offers a very unusual take on messaging

IDG UK Sites

What to expect from Apple in autumn/winter 2014: iPhone 6, iPhone Air, iWatch, iPad 6, new Apple...