IE hole patch
IE hole patch
Is this one of them patches where if you install it it will cause other quirks? I noticed there is no uninstall available...kind of leery about MS patches, ever since their Office 2k SR-1 messed up my computer and I had to uninstall office to get it working back to normal again.... 
ok...here is the article from wired.com
IE Hole Surrenders Your Computer
by Michelle Delio
8:00 a.m. Mar. 30, 2001 PST
A dangerous security hole has been discovered in Microsoft's Internet Explorer.
Spanish security expert Juan Carlos Cuartango discovered the hole, which allows attackers complete access and control over any computer running any version of the Windows operating system and Internet Explorer Versions 5 and 5.5.
An attacker can gain control of another user's machine using an HTML-formatted e-mail with an attachment that contains a small remote-control program. The e-mail can be sent directly to the victim, or can be placed on a website.
Unlike previous e-mail-activated attacks, the victim of this attack does not have to download the e-mail or click on the attachment for it to work. If a malicious user sends an affected HTML e-mail or hosts an affected e-mail on a website, and a user opens the e-mail or visits the website, Internet Explorer automatically runs the excecutable program on the user's computer.
Typically, attackers will exploit the hole by sending a provocative e-mail to prospective victims in an attempt to lure them to the malicious website.
Once a computer has been compromised, the attacker -- working from a remote location -- can do anything the computer's owner could do on the machine.
"This is the biggest Microsoft Internet Explorer vulnerability I have ever discovered," said Cuartango, who details the hole and its ramifications for Windows computer users on his Spanish-language website.
Microsoft was not immediately available for comment, but has released a "critical" security alert as well as a patch to fix the hole.
Microsoft strongly advises "all customers using Microsoft Internet Explorer to install the patch immediately."
The company says full documentation of the problem will be posted by Saturday.
Cuartango said he alerted Microsoft to the problem on Feb. 14.
"Microsoft responded immediately and their security team also started working immediately to produce a fix," he said.
patch: http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp
den2
ok...here is the article from wired.com
IE Hole Surrenders Your Computer
by Michelle Delio
8:00 a.m. Mar. 30, 2001 PST
A dangerous security hole has been discovered in Microsoft's Internet Explorer.
Spanish security expert Juan Carlos Cuartango discovered the hole, which allows attackers complete access and control over any computer running any version of the Windows operating system and Internet Explorer Versions 5 and 5.5.
An attacker can gain control of another user's machine using an HTML-formatted e-mail with an attachment that contains a small remote-control program. The e-mail can be sent directly to the victim, or can be placed on a website.
Unlike previous e-mail-activated attacks, the victim of this attack does not have to download the e-mail or click on the attachment for it to work. If a malicious user sends an affected HTML e-mail or hosts an affected e-mail on a website, and a user opens the e-mail or visits the website, Internet Explorer automatically runs the excecutable program on the user's computer.
Typically, attackers will exploit the hole by sending a provocative e-mail to prospective victims in an attempt to lure them to the malicious website.
Once a computer has been compromised, the attacker -- working from a remote location -- can do anything the computer's owner could do on the machine.
"This is the biggest Microsoft Internet Explorer vulnerability I have ever discovered," said Cuartango, who details the hole and its ramifications for Windows computer users on his Spanish-language website.
Microsoft was not immediately available for comment, but has released a "critical" security alert as well as a patch to fix the hole.
Microsoft strongly advises "all customers using Microsoft Internet Explorer to install the patch immediately."
The company says full documentation of the problem will be posted by Saturday.
Cuartango said he alerted Microsoft to the problem on Feb. 14.
"Microsoft responded immediately and their security team also started working immediately to produce a fix," he said.
patch: http://www.microsoft.com/windows/ie/download/critical/Q290108/default.asp
den2
sittin' in da mushroom forest, pondering what mushroom ponder.... 