On Sat, 07 Oct 2006 15:20:51 +0100, Roy Schestowitz wrote:
> __/ [ B Gruff ] on Saturday 07 October 2006 14:44 \__
>
>> On Saturday 07 October 2006 13:16 Erik Funkenbusch wrote:
>>
>>>> The vulnerability is confirmed on a fully patched system with
>>>> Internet Explorer 6.0 and Microsoft Windows XP SP2. Other versions
>>>> may also be affected.
>>>
>>> But apparently not IE7. Just goes to show that Microsoft is reducing the
>>> risks with IE7.
>>
>> Reducing the risks?
>> Come on now, Erik - is IE7 risk-free, or is it full of risks?
>>
>> Security is a binary thing, remember?
>
> http://news.com.com/2100-1002_3-6034054.html?part=rss&tag=6034054&subj=news
>
> "But browser testers may already be at risk, according to security researcher
> Tom Ferris. Late Tuesday, Ferris released details of a potential security
> flaw in IE 7. An attacker could exploit the flaw by crafting a special Web
> page that could be used to crash the browser or gain complete control of a
> vulnerable system, Ferris said in an advisory on his Web site. Microsoft had
> no immediate comment on Ferris' alert."
Uhh.. Febuary 1st.
|
|
