The Internet Explorer vulnerability affects versions 5.5 and 6.0 but not 5.01. It is addressed in a cumulative patch for Internet Explorer that can be found at http://www.microsoft.com/technet/security/bulletin/MS02-068.asp.
The new vulnerability involves a flaw in IE's cross-domain security model that arises from IE's incomplete security checks when certain object caching techniques are used on Web pages. The flaw could result in information disclosure.
The flaw in Microsoft's flagship e-mail client exists in the way Outlook 2002 processes e-mail header information. To execute this denial of service attack, an attacker would need to send a specially malformed e-mail to the Outlook 2002 user. The message would cause Outlook 2002 to fail and the e-mail client application would continue to fail until the message is removed from the server. The message removal could be done at the server level by an administrator or by the client using another e-mail client, such as Outlook Web Access or Outlook Express.
The patch for the Outlook 2002 vulnerability can be found at
About the Author
Scott Bekker is editor in chief of Redmond Channel Partner magazine.
Microsoft on Tuesday announced a preview of the artificial intelligence (AI)-generated Bing Image Creator in the Microsoft Edge browser, along with new Stories and Knowledge Card 2.0 Bing search capabilities.
Microsoft on Tuesday announced a preview of OpenAI's GPT-4 artificial intelligence (AI) model for users of the Azure OpenAI service.
Organizations using Windows Server Update Services (WSUS) or Configuration Manager will be getting a 10GB download next week that will kick off Microsoft's Windows 11 version 22H2 Unified Update Platform (UUP) servicing scheme for those premises-based management tools, Microsoft warned on Monday.
Microsoft this week announced that Azure Firewall Basic is now at the "general availability" commercial-release stage.
Microsoft this week announced Semantic Kernel, a new open source framework on GitHub at the early preview stage that aims to help developers tap artificial intelligence (AI) and large language models in their applications.
More Tech Library