Plugging holes in Internet Explorer is a perpetual whack-a-mole exercise--as soon as Microsoft patches one hole, the bad guys (or avid security researchers) expose new ones. Late in November, a massive security flaw in Internet Explorer prompted Microsoft to pump out a fix. On the heels of that patch, the company had to take care of six other, separate holes--and then a seventh one, two weeks later.
At about the same time, RealNetworks came under fire and patched three security problems in its RealOne Player that may affect its older RealPlayer program as well.
But first, IE's biggie: If you use IE 5.01, 5.5, or 6, make sure you fix the major hole involving IE's "Data Access Components," which let your browser talk to databases over the Internet, and which retrieve and return data to IE. If you click a malicious link, the vulnerability could allow an attacker to send too much data to your browser, causing one or more of the Data Access Components to fail. After that, theoretically, the offender could execute any code on your PC. If your system runs Windows XP, you're already protected. If it doesn't, get the details, as well as the link to the fix, from Microsoft.
Despite releasing Service Pack 1 for IE 6 last October and following up with a slew of other stand-alone fixes, Microsoft has rolled out two more cumulative patches. The first cumulative patch deals with six holes, but you're better off installing the second cumulative patch, as it handles those six vulnerabilities and a seventh one. The worst flaw could enable an Internet peeper to have a gander at data that you've stored on your PC.
Not every version of Windows is in danger of being hacked, but IE versions 5.01 through 6 are affected by six holes, while the seventh flaw affects IE 5.5 and 6. The situation gets complicated. Visit our Downloads page to discover whether your versions of Windows and IE are vulnerable, and to grab a link to the newer cumulative patch.
Get Real?
The three RealNetworks security defects endanger RealOne Player version 1. At press time, the company was not able to confirm whether earlier versions of the program (RealPlayer) are also susceptible. The potential attack would allow an invader to run arbitrary programs on a user's machine. A company spokesperson recommended that anyone using RealPlayer 8 or earlier versions upgrade their program to RealOne Player version 2. Jump to the RealNetworks support site for more details and for the update to fix your player. Alternatively, within the player, select Tools, Check for Update.
- Page 1 of 3
- Next »
Would you recommend this story? YES NO
-
PCWorld on your iPad!
PCWorldDaily gives you the best from our experts each day.
-
Become an Android authority
Play music or games, run productivity apps and essential utilities.
-
21 Ways to Buff Up Your Browser
- Bugs and Fixes: Medicine for IE, Outlook, and Windows
-
10 Tips to Make Your Web Browser Less Annoying
-
Make Your Open Tabs Reappear When You Restart Your Browser, Internet Explorer Edition
- Bugs and Fixes: Fix Windows XP SP2 Installation Woes
-
Adobe Reader, IE 7 Holes Under Attack
-
IdeaPad U300s If there's a laptop that deserves the moniker "Ultrabook" it's the Lenovo IdeaPad U300s.
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad T420 Just about every IT person we know swears by the T series--for their clients and themselves.
Buy now direct from Lenovo
- Find Good Medical Advice on the Web Spiderowych asked the Answer Line Forum to recommend medical information Web sites.
- Google Chrome Overtakes Internet Explorer While Chrome leads the browser market worldwide, in the U.S. it still has a lot of catching up to do, with Microsoft’s IE still dominant at home and Chrome nearly tied with Firefox.
- Twitter Tweaks Privacy Policy, Adds Custom Digests The microblogging site offers more information on its data collection habits and promises to support Do Not Track.
- Light Trikes Let You Do Battle Tron-Style, Are Also Super Cool This Tron video game, spotted at Maker Faire, brings the physical and virtual world together.
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
-
Google Chrome Overtakes Internet Explorer
-
Flashback Malware Didn't Glean Big Bucks
-
37 Tech Shortcuts From the Experts
-
Nintendo Wii U Not Yet Out, But Purported Photo Surfaces
-
Why Apple is Making OS X More Like iOS
-
Mercury Accelsior SSD an Impressive Upgrade for Mac Pro
-
China Approves Google Acquisition of Motorola Mobility
-
NASA Google Map Shows Path of Solar Eclipse
-
iTunes Syncing Made Easy
-
Embark on an Irreverent Cartoon Adventure with Sam and Max: Abe Lincoln Must Die Game
-
Facebook Hit with Lawsuit Alleging Privacy Wrongs
-
Ditch iTunes: Manage Multimedia on the iPhone Your Way
Ad Choices