Socraweb

A new patch of Microsoft offers Explore a solution for a serious vulnerability in Internet. The problem has to make indirect with ActiveX. It goes around be remedied a so-called cumulatieve patch - also older and already known problems.

In the monthly bulletin of Microsoft, two leaks are described. The most awful (described as “critical”) has relation on all Windows-versions and Internet Explore 5.01, 5.5 and 6.0. Exceptional also patches is that Microsoft offers for Windows 98 and Millennium - an indication of the seriousness of the affair. This Windows-versions are end or life And become alone of patches foresee as it something serious at the hand is.

The technical details of the vulnerability are described in a bulletin of Microsoft. According to this explanation, the mistake in the afhandeling of COM- and CATHEDRAL-objects sit through which an attacker own code install and export can on a pc. He will that do through the surfer to a webpage to entice in which the code hidden is.

The American authorities agency US-CERT offers someone else, drastic solution. According to US-CERT, administrators correct can be reproduced Explore to connect about it also for molars ActiveX out, although particular websites then not longer in Internet.

The recommendation of US-CERT is anyhow enthousiastic goods received through the Firefox-camp. They let us assume that through ActiveX Internet Explore inherent unsafe is and refuse this technology to support.

The rootkit of SonyBMG
The patch that contain appeared today until end, a remarkable part: a so-called killbit For the abused rootkit that flat firm SonyBMG via a number of American musiccd's spread. Microsoft comes into the discussion because older versions of this rootkit through hackers could abuses become. The patch sees to for it that these older versions not longer work.