|
|
Microsoft IE5 IFRAME Vulnerability
Solution: Microsoft has released patches for IE 4.01 and IE5. The IE 4.01 patch is included as part of the IE 4.01 Service Pack 2, available via: http://www.microsoft.com/windows/ie/download/windows.htm The IE5 patch is available as an individual fix from: Intel: ftp://ftp.microsoft.com/peropsys/IE/IE-Public/Fixes/usa/IE50/MSHTML-fix/x86/q243638.exe Alpha: ftp://ftp.microsoft.com/peropsys/IE/IE-Public/Fixes/usa/IE50/MSHTML-fix/Alpha/q243638.exe The Microsoft Advisory MS 99-042 notes: "The IE5 patch also includes the previously-released fix for the "Download Behavior" vulnerability, discussed in http://www.microsoft.com/security/bulletins/ms99-040.asp." This patch has been shown to undo the fixes made and released with MS advisory 99-012 for the Cross-Frame and %01 vulnerabiltiies (http://www.securityfocus.com/bid/117). |
|
Privacy Statement |