Back to the main page

Mailing List Logs for ShadowRN

Message no. 1
From: David Buehrer <dbuehrer@****.ORG>
Subject: [OT] MIE Security Hole
Date: Thu, 6 Mar 1997 13:33:59 -0700
I thought I would forward this to the list. This is _not_
an urban myth.

| In case you havn't heard yet, there's a hole in the security of Microsoft's
| Internet Explorer versions 3.0 and 3.01.
|
| This hole allows someones web page to have a hotlink that can alter your
| hard disk. For details on what exactly this problem is, please visit the
| web site of the company who found the hole. Their URL is:
|
| http://www.cybersnot.com/iebug.html

-David
--
/^\/^\/^\/^\/^\/^\/^\ dbuehrer@****.org /^\/^\/^\/^\/^\/^\/^\
"His thoughts tumbled in his head, making and breaking
alliances like underpants in a dryer without Cling Free."
~~~http://www.geocities.com/TimesSquare/1068/homepage.htm~~~~
Message no. 2
From: Dark Avenger <Avenger@*******.DEMON.CO.UK>
Subject: Re: [OT] MIE Security Hole
Date: Sat, 8 Mar 1997 02:25:47 +0000
In article <199703062033.NAA05679@******>, David Buehrer
<dbuehrer@****.ORG> writes
>I thought I would forward this to the list. This is _not_
>an urban myth.
>
>| In case you havn't heard yet, there's a hole in the security of Microsoft's
>| Internet Explorer versions 3.0 and 3.01.
>|
>| This hole allows someones web page to have a hotlink that can alter your
>| hard disk. For details on what exactly this problem is, please visit the
>| web site of the company who found the hole. Their URL is:
>|
>| http://www.cybersnot.com/iebug.html

Though this is in fact true, a fix is readily available and widely
spread.

For anyone concerned about this and using IE3/3.01 the fixes are
available from

http://www.microsoft.com/ie/security/update.htm

And more information can be found at http://www.microsoft.com/ie/


--
__ \ | \
| | _` | __| | / _ \ \ \ / _ \ __ \ _` | _ \ __|
| | ( | | < ___ \ \ \ / __/ | | ( | __/ |
____/ \__,_|_| _|\_\ _/ _\ \_/ \___|_| _|\__, |\___|_|
A dark shadow in a dark world |___/
Message no. 3
From: Droopy <droopy@*******.NB.NET>
Subject: Re: [OT] MIE Security Hole
Date: Tue, 11 Mar 1997 16:27:18 +0000
> From: Dark Avenger <Avenger@*******.DEMON.CO.UK>
> Subject: Re: [OT] MIE Security Hole

> >| In case you havn't heard yet, there's a hole in the security of Microsoft's
> >| Internet Explorer versions 3.0 and 3.01.

> Though this is in fact true, a fix is readily available and widely
> spread.

It should be, that hole was discovered a week after IE3.0 was
released. Microsoft just kept it quiet and was working on a patch.
Someone else must've found it recently and made a stink about it.


--Droopy
droopy@**.net

Further Reading

If you enjoyed reading about [OT] MIE Security Hole, you may also be interested in:

Disclaimer

These messages were posted a long time ago on a mailing list far, far away. The copyright to their contents probably lies with the original authors of the individual messages, but since they were published in an electronic forum that anyone could subscribe to, and the logs were available to subscribers and most likely non-subscribers as well, it's felt that re-publishing them here is a kind of public service.

Thwap!