Windows XP and 2000 Users Beware – New “High Risk” Flaws in Outlook and Internet Explorer
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 


Newly discovered flaws in both Outlook and Internet Explorer (IE) were uncovered and announced over the weekend. The security holes are considered to be especially “high risk” in part because they require little to no user interaction in order for a third-party to exploit them. The security flaws exist in the default installations of Windows XP, Windows 2000, Windows NT 4.0, and Windows Server 2003.

A Windows user’s computer can become infected through these holes by doing nothing more than web surfing to a site which is infected.


“If a user is tricked (into going) to a site carrying malicious code, they can become infected by just surfing across a banner ad,” according to Ben Nagy, a senior security engineer with eEye Security, which discovered and announced the flaws.

While Microsoft has been made aware of the issue, a Microsoft spokesperson stated that “At this time, Microsoft is not aware of any malicious attacks attempting to exploit the reported vulnerabilities, and there is no customer impact based on this issue.” She added that “Upon completion of this investigation, Microsoft will take the appropriate action to protect our customers, which may include providing a fix through a service pack, our monthly release process or an out-of-cycle security update, depending on customer needs.”

Nagy of eEye confirms this, saying that “Microsoft has acknowledged a vulnerability does exist and is real, but I doubt they will release a patch out of (their monthly) cycle.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

So what can the end user do in the meantime, besides cross their fingers and hope that this doesn’t happen to them? Well, perhaps the most important is to not open email if it’s not email from someone or somewhere you know – you know, if it seems like it’s likely to be spam, and to especially not click on links inside such email.

And wait for Microsoft’s next patch.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

2 thoughts on “Windows XP and 2000 Users Beware – New “High Risk” Flaws in Outlook and Internet Explorer
0 (0)

  1. Excerpt from interview with Microsoft Rep:
    http://www.washingtonpost.com/wp-dyn/articles/A38496-2004Aug27.html

    Washington, D.C.: What specifically does Microsoft Homeland Security do? Sell software? Services?

    Tom Richey: Our goal has been to assist in the development of technology to help detect, prevent, and deter terrorist activity in both small and large cities – linking everyone from the top intelligence official to the cop on the street – in a worldwide effort to stay one step ahead of those who threaten America.

  2. My comments on this matter can be easily dismissed as the delusional ramblings of a parinoid conspiracy theorist, however I challenge everyone to provide evidence which proves me wrong. Windows does not have security flaws, what it does have is access methods which are included by design. While this is still only a theory, it based entirely on the facts. Microsoft was found guilty of antitrust violations. The guilty verdict was upheld by the appelate courts. Microsoft was not sentenced for the crimes. The DOJ allowed the guilty party to negotiate their punishment. In return Microsoft agreed to include easy access methods whereby “Big Brother” can easily read our files and monitor our onlne activities. When security experts discover these access methods the “gullible majority” still believe that a security flaw exists.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.