Microsoft, Mozilla look into browser flaws

Microsoft and Mozilla are each working to tackle recently disclosed security flaws in the Internet Explorer and Firefox Web browsers.

The vulnerabilities were described earlier this week in postings to a popular security mailing list by researcher Michal Zalewski. Each browser could enable miscreants to grab data via malicious Web sites, Zalewski said.

In addition, another Firefox flaw could let attackers change cookie files on the user's PC, he said.

In the case of Internet Explorer, the problem affects the latest version, IE 7, and probably earlier releases, Zalewski wrote. Microsoft confirmed that the flaw could open up files stored on a PC's hard drive to an attacker, but only if the location of a given file is already known.

"In order to be successful, an attacker in advance would have to convince the user to enter the location of a file into an attacker's Web page through social engineering," a Microsoft representative said in an e-mail statement Friday. The software giant is still investigating the issue and will take "appropriate action," the representative said.

View: Full Article @ CNet News

Report a problem with article
Previous Story

New Release: Chart ModelKit 2.3 is available.

Next Story

Ballmer: Pirates won't have it easy with Vista


Commenting is disabled on this article.

MS trying to fix some of the countless IE flaws? That really reminds me of Sisyphus:

Sisyphus is the son of Aeolus (the king of Thessaly) and Enarete, and founder of Corinth. He instituted, among others, the Isthmian Games. According to tradition he was sly and evil and used to way-lay travelers and murder them. He betrayed the secrets of the gods and chained the god of death, Thanatos, so the deceased could not reach the underworld. Hades himself intervened and Sisyphus was severely punished.

In the realm of the dead, he is forced to roll a block of stone against a steep hill, which tumbles back down when he reaches the top. Then the whole process starts again, lasting all eternity.

They should better spend their time on improving Vista rather than wasting their time there.

LukeMcNuggets said,
working together? anyone seen some headless horsemen recently?

it never says they are working together