The flaw was reported to the company earlier this month by Jeffrey van der Stad, a 25-year-old Dutch programmer. The problem is related to the way the browser processes so-called HTA files(HTML applications), Microsoft said in an e-mailed statement. HTA files are associated with Web applications. The vulnerability affects Internet Explorer 6 on Windows 98, Windows XP and Windows 2003 Server, according to van der Stad’s Web site. “With this vulnerability it is possible to run an HTA file without the user’s permission,” he wrote. ”Here is some more Tech News from around the web:
Tech Talk
- Windows Vista delayed into January 2007 @ Ars Technica
- Case Logic Camera Cases Review @ XYZ Computing
- Casio Exilim EX-S600 Review @ WindowsAtoZ.com
- Google Office: A Failure Compared to Microsoft Office @ CoolTechZone.com
- Linux gets built-in Cell processor support @ CNET
- Newbie Guide to the GNU/Linux shell @ Short-Media.com
- Vizo LAN Dock USB-II multi-function module @ A1 Electronics
- GAMEHELPER: GDC 06 Coverage (Blog)
- Game Developers Conference – Day 1 @ Techgage
Proof of concept flaw in IE 6
It hasn’t been a great week for Microsoft, with announced delays on Vista’s release, and a bug that can cause IE 6 to crash. CNET reports on another flaw reported this week. While Microsoft has not released the details, the vulnerabililty is in the way HTA files are handled, and could result in the running of code without your say so. Practice safe computing.