[4211] in bugtraq
Latest IE FIX from MS is a HOAX
daemon@ATHENA.MIT.EDU (Aaron Spangler)
Tue Mar 25 16:26:35 1997
Date: Tue, 25 Mar 1997 12:45:04 PST
Reply-To: Aaron Spangler <pokee@MAXWELL.EE.WASHINGTON.EDU>
From: Aaron Spangler <pokee@MAXWELL.EE.WASHINGTON.EDU>
To: BUGTRAQ@NETSPACE.ORG
The Latest Internet Explorer Security Patch from Microsoft is a HOAX.
I just installed the latest Internet Explorer Released by Microsoft Today
(IE 3.02 - Mar25). It seems it is still COMPLETELY vulnerable to Bugs
#4,#5 released earlier in the month even though it claims to fix them!!!
Is Microsoft lying when they say it fixes the latest bugs?
Try it our yourself. Download IE 3.02 from MS, and
try it on one of the sites
#4 http://www.ee.washington.edu/computing/iebug/ (For NT only)
#5 http://www.efsl.com/security/ntie/ (For NT only)
I have not even check bug #6 for win95, but it still may be vulnerable.
#6 http://www.security.org.il/msnetbreak/ (bug#6 for Win95)
- Aaron
--
Aaron Spangler EE Unix System Administrator
Electrical Engineering FT-10 pokee@ee.washington.edu
University of Washington Phone (206) 543-8984
Box 352500 or (206) 543-2523
Seattle, WA 98195-2500 Fax (206) 543-3842
