Warning raised on Web browser’s security glitch

Posted on Apr 02 2001

A local Internet service provider on Friday warned users of a security flaw on the latest Microsoft Internet browsers which, if not fixed, could result in hackers taking control of other computers.

Saipan Datacom urged users of Micrsoft’s Internet Explorer versions 5.01 and 5.5 to download service packs from the software company’s security site to curb the security vulnerability.

A Microsoft security manager is said to have told the Associate Press that the security flaw in the company’s latest Web browser offerings is clearly a serious vulnerability.

The latest glitch, unlike e-mail viruses, cannot be combated by recommended “safe computing” methods. This is because a person no longer needs to click on an e-mail or attachment to get infected.

“The vulnerability would be exploited when the mail was being retrieved from the server, that is, before it even appeared in your inbox,” Microsoft said in its security site.

The security flaw, according to E-Commerce Times, could allow a malicious user to plant code in the e-mail, with two possible consequences, one more serious than the other.

The first possibility is that the hacker could cause Microsoft Outlook or Outlook Express to crash. But the more serious consequence is if an attacker sends a code that would be executed on the recipient’s computer and in essence, would allow a malicious user to take over the computer.

E-Commerce Times said such would allow the malicious user to reformat the hard drive, change data or communicate with external sites.

Saipan Datacom advised that people using either Internet Explorer 5.01 or 5.5 should immediately point their browsers to http://www.microsoft.com/windows/ie/critical/Q290108/default.asp to download the patch, which Microsoft immediately made available for free after discovering the flaw.

Saipan Datacom noted that the patch is an executable file, which means all one has to do is double click the file and it will automatically install. It also encouraged people who have any questions on the patch to call their office at 235-3282 or e-mail them at techsupport@saipan.com.

The flaw, according to the E-Commerce Times, was discovered by two separate researchers — one in Australia and the other in South America.

Saipan Baseball Roundup

Better days ahead for the CNMI • Government chronicles slow but sure growth in the Commonwealth’s existing industries

Disclaimer: Comments are moderated. They will not appear immediately or even on the same day. Comments should be related to the topic. Off-topic comments would be deleted. Profanities are not allowed. Comments that are potentially libelous, inflammatory, or slanderous would be deleted.