A newly discovered security bug in Microsoft´s Internet Explorer 5.5 browser promises to send the company´s engineers back to work on a product released just this week.
The security hole lets an attacker read files on a target´s computer, according to Georgi Guninski, the Bulgarian bug hunter who demonstrated the bug.
The problem, as described in a Guninski advisory, lies in an ActiveX control that ships with IE 5.5, released this week, and with earlier versions of the browser. ActiveX is Microsoft´s method of letting a Web browser interact with other, more powerful desktop applications. The technology has been the target of security concerns for some time.
Read more
The security hole lets an attacker read files on a target´s computer, according to Georgi Guninski, the Bulgarian bug hunter who demonstrated the bug.
The problem, as described in a Guninski advisory, lies in an ActiveX control that ships with IE 5.5, released this week, and with earlier versions of the browser. ActiveX is Microsoft´s method of letting a Web browser interact with other, more powerful desktop applications. The technology has been the target of security concerns for some time.
Read more
