- Recommend:
Second Cumulative Patch for Internet Explorer 5.5 and 6
- Downloads Count: 116,430
- License Type: Free
- Price: Free
- Date Added: Dec 23, 2002
- Operating Systems: Microsoft Windows NT 4.0, Microsoft Windows 2000, Microsoft Windows 98, Microsoft Windows ME, Microsoft Windows 98, Microsoft Windows ME, Microsoft Windows XP
- Author: Microsoft
Description of Second Cumulative Patch for Internet Explorer 5.5 and 6
Internet Explorer 5.5 and 6, like most new software offerings, come with a whole new set of problems. But how do you keep up with all the most current patches? This update closes all known security holes affecting these browsers (as of December 13) and addresses three new security issues: One security flaw allows an attacker to alter HTML header information to make IE believe that an executable file is actually a different type of file--one that it is appropriate to simply open without asking the user for confirmation. This could enable the attacker to create a Web page or HTML e-mail that, when opened, would automatically run an executable on the user's system. This vulnerability affects IE 6.0 only, not 5.5.
The second issue is a newly discovered variant of the Frame Domain Verification vulnerability. This could enable a malicious Web site operator to open two browser windows, one in the web site's domain and the other on the user's local file system, and to pass information from the latter to the former. This could enable the site operator to read, but not change, any file on the user's local computer that could be opened in a browser window. This affects both IE 5.5 and 6.0.
The third flaw is related to the display of file names in the File Download dialog box. When a download is initiated, a dialog provides the name of the file. However, in some cases it is possible for an attacker to misrepresent the name of the file in the dialog. This could be invoked from a Web page or in an HTML e-mail in an attempt to fool users into accepting unsafe file types from a trusted source. This vulnerability affects both IE 5.5 and 6.0.
Sponsored
-
Fix all of the known security bugs in Internet Explorer 5.5 and 6.
-
Differentiate between "good" and "bad" cookies with this free update.
-
Remove banner ads on the Web pages you visit.
-
Correct many of the issues surrounding Office XP with this collection of patches.
-
Find the security holes in your network before an attack.
-
Customize your MSIE browser.
-
Eliminate two ActiveX bugs that leave your computer vulnerable.
-
Expand your networking features.
-
Navigate the Web by using only your melodic vocal cords.
-
Access add-in provides much-needed tools for programmers and users.
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
Ad Choices