|
PureBytes Links
Trading Reference Links
|
Several new vulnerabilities in web browser IE5 and their patches are posted by Microsoft at ...
http://www.microsoft.com/windows/ie/download/default.htm
The latest patch covers these newly found bugs...
1. A vulnerability that prevents Internet Explorer from correctly validating the digital certificates used in Secure Sockets Layer (SSL) sessions. Under a certain set of conditions, this vulnerability enables a malicious Web site operator to make his or her Web site appear to be a trusted site when it is not.
2. A vulnerability that could enable an attacker to make his or her Web site appear to be a different site. By posing as a site that you trust, the attacker's site might be able to persuade you to provide information that you would only provide to a trusted site.
3. The two new variants of the "Frame Domain Verification" vulnerability. These vulnerabilities could allow a malicious Web site operator to read, but not change or add, files on the computer of a visiting user.
- Mark Jurik
|