More Security Holes Found In Internet Explorer 6.0

Three more vulnerabilities in Microsoft's Internet Explorer 6.0 browser were disclosed by Danish security vendor Secunia.

November 18, 2004

2 Min Read
Network Computing logo

Three more vulnerabilities in Microsoft's Internet Explorer 6.0 browser were disclosed Wednesday by Danish security vendor Secunia, bringing the total of IE bugs found by the firm in the last two months to an even dozen.

Two of the flaws were tagged as "moderately critical" by Secunia, which relayed the warnings from a pair of researchers in an online alert posted to its site. One relates to the Windows XP SP2 feature that warns users when opening certain types of downloaded files, such as .exe files. A hacker could create a HTTP header or a specially-made URL, said Secunia, to bypass that warning.

The second of the pair involves a bug in how some documents are saved using a Javascript function. The vulnerability can be exploited to spoof the file extension in the "Save HTML Document" dialog box.

"A combination of [the] vulnerabilities can be exploited by a malicious Web site to trick a user into downloading a malicious executable file masqueraded as a HTML document," said Secunia in its online advisory.

There is no fix for the two IE holes since they can even be exploited on Microsoft's newest edition of IE 6.0, the one delivered with SP2.The third flaw, dubbed "not critical," stems from a how IE 6.0 handles cookies. It might be possible for a hacker, using a malicious Web site, to hijack a Web session (although not compromise the computer itself).

Internet Explorer and Windows XP SP2 have been taking hits of late from security researchers. A week ago, Finjan Software said that SP2 had 10 unpatched vulnerabilities, several of which related to new security features intended to protect IE users from downloading possibly malicious files.

Microsoft reacted to the news of more gaffes in IE with a variation of its usual comment. "We are aggressively investigating the public reports [and] will take the appropriate action to further protect customers..depending on customer needs," a spokesperson wrote in an e-mail to TechWeb. "We have not been made aware of any active attacks against the reported vulnerabilities at this time," the spokesperson added.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights