News

IE Patch Flawed

Microsoft put out a new version of a cumulative security patch for Internet Explorer originally released last week due to problems with users being locked out of some subscription-based Web sites and their MSN e-mail.

Microsoft said the problem primarily affected consumers and the company emphasized that the problem had nothing to do with the underlying security issue addressed by the patch.

"It is important to note that this hotfix corrects a very specific non-security issue, and that the security patch discussed in this Security Bulletin was, and still is, effective in removing the vulnerabilities discussed later in this bulletin," Microsoft officials wrote.

The original patch, MS03-004, was issued last Wednesday as a "critical" issue and fixed two security flaws in IE's cross-domain security model, which prevents windows of different domains from sharing information.

The flaw affected IE 5.01, 5.5 and 6.0.

It was the second fixed patch issued in a week. Last Friday, Microsoft reissued a patch from late 2002 that had been causing Windows NT 4.0 systems to crash.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Windows Server 20H1 Getting Smaller Containers and Faster PowerShell

    Microsoft is promising to deliver a smaller container size and improved PowerShell performance with its next release of Windows Server.

  • Microsoft Previews Microsoft Teams for Linux

    Microsoft on Tuesday announced a "limited preview" release of Microsoft Teams for certain Linux desktop operating systems.

  • Hyper-V Architecture: Some Clarifications

    Brien answers two thought-provoking reader questions. First, do Hyper-V VMs have direct hardware access? And second, how is it possible to monitor VM resource consumption from the host operating system?

  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.