Microsoft battles to fix “very dangerous” bug
SEATTLE: Microsoft Corp is rushing to create a patch for flaws in its Internet Explorer web browser, versions 4 and 5, and in Outlook 98. These flaws allow anyone who has a website, or who can send email in HTML format, to upload instructions to the victim’s computer. Phuket-based computer expert Michael Jenselius said: “Anybody can do it through a homepage or through e-mail. It’s really easy for anyone with some programming skills. They can tell your computer to delete essential files on the hard drive, send all your passwords to another email address or send messages to crash your network. It’s very dangerous.” Microsoft recently released a patch for what it calls the “scriptlet.typelib/Eyedog vulnerability”. The patch can be obtained through https://www.microsoft.com/Security/Bulletins/ms99-032.asp. But three days ago, InternetNews.com announced that Bulgarian computer consultant Georgi Guninski has discovered another, similar security flaw affecting Internet Explorer and Outlook, which also enables a malicious hacker to place a program on the victim’s hard disk, to be executed at the next reboot. “I think this is the most significant of my discoveries and also the most dangerous,” Guninski was quoted as having told InternetNews Radio. “It allows a Web page or e-mail message to take control of the computer and do anything.” Guninski said he believes that Microsoft has reproduced the bug and plans to issue a patch. In the meantime, he says, Internet Explorer users can protect themselves by disabling the ActiveX controls and plug-ins on their browsers. To do this, in Internet Explorer, go to Tools, Security, Custom Level, and click the button to disable “Run ActiveX controls and plug-ins”. This also fixes the problem in Outlook 98.
Phuket NewsLeave a Reply
You must be logged in to post a comment.