Re: Microsoft Security Bulletin (MS99-043)

John Madden (weezAVENIR.DHS.ORG)
Thu, 18 Nov 1999 07:32:37 -0500

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Elias Levy: "Re: rpc.ttdbserverd on solaris 7 In-reply-to: Your message of "Tue, 16 Nov 1999 14:34:41 PST." <3831DC01.BFE5B400nis.acs.uci.edu>"
• Previous message: Michal Zalewski: "Re: lynx 2.8.x - 'special URLs' anti-spoofing protection is weak"

> Patch Available for "Javascript Redirect" Vulnerability
> Originally Posted: October 18, 1999
> Re-released: November 17, 1999
>
> Summary
> =======
> On October 18, 1999, Microsoft released the original version of this
> bulletin, in order to advise customers of a workaround for a vulnerability
> in Microsoft(r) Internet Explorer. The vulnerability could allow a
> malicious web site operator to read files on the computer of a user who
> visited the site, under certain circumstances. Microsoft has completed a
> patch that completely eliminates the vulnerability, and has re-released
> this bulletin in order to advise customers of its availability.

Egads, a month for a patch? Who are they kidding?

Note that IE 5.01 is also out, and probably already contains this patch.

• Next message: Elias Levy: "Re: rpc.ttdbserverd on solaris 7 In-reply-to: Your message of "Tue, 16 Nov 1999 14:34:41 PST." <3831DC01.BFE5B400nis.acs.uci.edu>"
• Previous message: Michal Zalewski: "Re: lynx 2.8.x - 'special URLs' anti-spoofing protection is weak"

This archive was generated by hypermail 2.0b3 on Thu Nov 18 1999 - 12:29:05 CST