[4667] in WWW Security List Archive
Re: Big IE hole
daemon@ATHENA.MIT.EDU (BVE)
Wed Mar 5 15:59:25 1997
Date: Wed, 5 Mar 97 12:43:09 EST
From: bve@quadrix.com (BVE)
To: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.A32.3.95-heb-2.07.970304150544.56509F-100000@rex.ibm.net.il> (message from Eli Beker on Tue, 4 Mar 1997 15:11:54 +0200 (IST))
Errors-To: owner-www-security@ns2.rutgers.edu
From: Eli Beker <beker@ibm.net.il>
According to Microsoft :
Any users running Internet Explorer 3.0 or 3.01 for Windows 95 and Windows
NT could potentially be at risk. However, there is only one Web
site that illustrates the issue that we know about, and it is only for
demonstration purposes. ^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^
Furthermore, we have not had any customer reports of this to date, and a
^^^^^^^^^^^^^^^^^^^^^^^^^
webmaster would have to create malicious code in order to enable the
threat.
--Eli
This is just the kind of marketing double-talk that p*sses me off the most.
SO WHAT, if M$ has not received customer reports of exploits as yet!! This is
a *HUGE* hole - M$ should just buckle down, and fix it fast. Then, they can
talk about how no one was hurt by it before they fixed it....
It sounds like they are insinuating that the problem is not a big deal. It is!
-- Bill Van Emburg
Phone: 908-235-2335 Quadrix Solutions, Inc.
Fax: 908-235-2336 (bve@quadrix.com)
Check out http://yourtown.com! (http://quadrix.com)
"You do what you want, and if you didn't, you don't"
