Advertisement
Promo

Security threats Toolkit

IE may share Mozilla 'shell:' flaw

Jo Best silicon.com

Published: 13 Jul 2004 15:35 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Mozilla, the browser that's weaning a portion of the Internet Explorer faithful away from Redmond's offerings, discovered last week that it had a security hole – not good news for a browser that's been touted by followers as a winner on security. This week, it seems the very same hole could be turning up in IE.

Secunia, which tracks software vulnerabilities and shared Mozilla's flaw with the public, has announced that IE could be equally vulnerable.

The flaw means that MSN Messenger and Word could allow malware merchants to run programs via embedded links included in Word documents or IM messages as it doesn't protect access to the "shell:" functionality.

The Mozilla Foundation has already issued a patch. Microsoft is investigating the possibility of Internet Explorer being vulnerable to the same flaw but has heard of no reported cases of the hole being used as a basis for attacks.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
67 out of 121 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

3 comments

  1. A detail the Mozilla shell was OK per se, it's a... Claude Almansi
  2. Am I reading this right? For Microsoft to bother f... Anonymous
  3. I seem to recall the vulnerability being not with... Anonymous

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters