ZDNet UK


Skip to Main Content

ZDNet.co.uk - Winner of Best Business Website 2007
  1. Home
  2. News
  3. Blogs
  4. Reviews
  5. Prices
  6. Resources
  7. Community
  8. My ZDNet

 

ZDNet UK RSS Feeds


IT Jobs

Desktop platforms Toolkit in association with http://ad.doubleclick.net/clk;205413468;14699245;m?http://adfarm.mediaplex.com/ad/ck/2397-58840-22058-14

New security scares for Outlook and IE

Dawn Kawamoto CNET News.com

Published: 04 Apr 2005 09:00 BST

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A new set of highly critical flaws has been discovered in Microsoft's Internet Explorer and Outlook programs, according to research company eEye Digital Security.

The vulnerabilities allow for remote code execution with no actions from the computer user, eEye said. Although the flaws would not allow self-propagating worms to infiltrate a system, there is the potential of attackers installing backdoor Trojans without a person's knowledge, Ben Nagy, an eEye senior security engineer, said on Friday.

"If a user is tricked (into going) to a site carrying malicious code, they can become infected by just surfing across a banner ad," Nagy said.

eEye notified Microsoft several days ago of the flaws in the default installation of Outlook and IE and is giving the software giant time to develop a patch before releasing details on which versions of the software are affected, Nagy said.

For now, only a few details are included in eEye's page of upcoming advisories.

Nagy added that eEye is also still conducting its own testing of various platforms to evaluate which ones are affected and to what degree.

No exploits are known to have been developed yet, Nagy said.

"Microsoft has acknowledged a vulnerability does exist and is real, but I doubt they will release a patch out of [their monthly] cycle," Nagy said.

Microsoft, meanwhile, said it is investigating a number of possible vulnerabilities in Windows which were reported to it privately.

"At this time, Microsoft is not aware of any malicious attacks attempting to exploit the reported vulnerabilities, and there is no customer impact based on this issue," said a company spokeswoman. "Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a fix through a service pack, our monthly release process or an out-of-cycle security update, depending on customer needs."

  • Email
  • Trackback
  • Clip Link
  • Print friendly Print with Dell

Did you find this article useful?
37 out of 121 people found this useful


Talkback

Post a comment


Full Talkback thread

1 comment

  1. Ok IT admins. There's a huge gaping hole in your n... Steve J

Related Links

More In Desktop platforms



Company/Topic Alerts

Create a new alert from the list below:








Related Jobs

Quality Lead - Unilever - Level C-00055185

Support implementation coordination for agreed QPI, SOX and Security controls Manage one quality team member who will support these activities Main ...

Service Delivery Manager - Customer Development & Food solutions - IT Manager - St. David\'s Park, Teeside , North West

Recognises, and actively seeks ways to exploit information technology to address complex business, organisational and technical issues, of both a ...

Applications Management Analyst-00053787

Essential: Visual Basic 6.0 skills .Net Skills SQL 2000 / 2005 skills Good written and spoken communications skills Ability to understand and capture ...

Featured Talkback

So if you upgrade to XP SP3 you can't uninstall Internet Explorer, I'm quite sure I'm having a Deja-vu feeling about MS preventing people from uninstalling Internet Explorer in other Windows products.

By: TheKLF99

Read full story:
Upgraders to XP SP3 warned over IE downgrades

Desktop Management Benchmarking

Test Your Desktop Management Systems

How good are your company's desktop management solutions? How do they compare with those of your peers?

Take two minutes to complete our new Desktop Management and Energy Consumption benchmark, and find out what issues your business needs to focus on.