- Recommend:
Second Cumulative Patch for Internet Explorer 5.5 and 6
- Downloads Count: 116,450
- License Type: Free
- Price: Free
- Date Added: Dec 23, 2002
- Operating Systems: Microsoft Windows NT 4.0, Microsoft Windows 2000, Microsoft Windows 98, Microsoft Windows ME, Microsoft Windows 98, Microsoft Windows ME, Microsoft Windows XP
- Author: Microsoft
Description of Second Cumulative Patch for Internet Explorer 5.5 and 6
Internet Explorer 5.5 and 6, like most new software offerings, come with a whole new set of problems. But how do you keep up with all the most current patches? This update closes all known security holes affecting these browsers (as of December 13) and addresses three new security issues: One security flaw allows an attacker to alter HTML header information to make IE believe that an executable file is actually a different type of file--one that it is appropriate to simply open without asking the user for confirmation. This could enable the attacker to create a Web page or HTML e-mail that, when opened, would automatically run an executable on the user's system. This vulnerability affects IE 6.0 only, not 5.5.
The second issue is a newly discovered variant of the Frame Domain Verification vulnerability. This could enable a malicious Web site operator to open two browser windows, one in the web site's domain and the other on the user's local file system, and to pass information from the latter to the former. This could enable the site operator to read, but not change, any file on the user's local computer that could be opened in a browser window. This affects both IE 5.5 and 6.0.
The third flaw is related to the display of file names in the File Download dialog box. When a download is initiated, a dialog provides the name of the file. However, in some cases it is possible for an attacker to misrepresent the name of the file in the dialog. This could be invoked from a Web page or in an HTML e-mail in an attempt to fool users into accepting unsafe file types from a trusted source. This vulnerability affects both IE 5.5 and 6.0.
Sponsored
-
Fix bugs that affect the security of your Internet connection when you use IE 5.x or 6.x.
-
Ensure that all AOL images are showing with this Windows 2000 patch.
-
Put a search engine and a powerful bookmark utility in your browser's title bar.
-
Eliminate two ActiveX bugs that leave your computer vulnerable.
-
Enhance Internet searches via Internet Explorer directly from the address bar.
-
Remove banner ads on the Web pages you visit.
-
Surf anonymously with the click of a button in your IE toolbar.
-
Stop hackers from executing code on your PC.
-
Update security and correct buffer overruns in Explorer 4.0.
-
Install this patch to fix a security hole in IE4.
-
IdeaPad U300s If there's a laptop that deserves the moniker "Ultrabook" it's the Lenovo IdeaPad U300s.
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad T420 Just about every IT person we know swears by the T series--for their clients and themselves.
Buy now direct from Lenovo
Ad Choices