Microsoft Announces Bug In the IE Ointment

    July 2, 2005

Mammoth software company Microsoft announced and itty bitty little bug that can cause a lot of problems for users of Internet Explorer (IE). The bug, reported by SEC Consult hasn’t been utilized yet but Microsoft did confirm the vulnerability.

The advisory said, “Microsoft is investigating a new public report of a vulnerability affecting Internet Explorer. We have not been made aware of any attacks attempting to use the reported vulnerability or customer impact at this time, but we are aggressively investigating the public report.”

SEC Consult said IE could be worked over pretty good if users visited certain types of unseemly websites.

Users of IE 5.01 SP3 and up on Windows 2000 or later platforms, IE 5.5 SP2 on Windows Millennium Edition, and IE 6 SP1 on Windows 98. 98SE and ME are all subject to the vulnerability. The users can check out Microsoft’s security advisory on how to handle the problem in detail.

In the meantime, Microsoft said the best way to handle this problem is to up the intranet security settings to high before running ActiveX and as always, be careful when visiting strange and unusual websites.

John Stith is a staff writer for WebProNews covering technology and business.