Internet -> Clients -> WWW -> Browsers -> Internet Explorer -> Security

Advisory by USSR: "It is possible to create a malicious webpage that when visited by an IE user all of their system resources are devoured and depending on the system its possible that the machine can even crash and reboot itself."

Internet Explorer Security is a utility that customizes aspects of the Internet Explorer Web browser.

A fairly serious flaw in Internet Explorer which would enable a malicious Web page or e-mail to drop a cookie containing an HTML script on a victim's machine and run it in the 'Local Computer' zone rather than the Internet zone to avoid restrictions has just been patched.

"The object property of embedded WebBrowser controls is not subject to the Cross Domain security checks that embedded HTML documents ordinarily go through, and as such it is possible to escape any sandboxing and security zone restrictions."

An attacker can run arbitrary commands on Windows machines with a simple bit of HTML, an Israeli security researcher has demonstrated. The exploit will work with IE, Outlook and Outlook Express even if active scripting and ActiveX are disabled in the browser security settings.

An attacker can gain control of another user's machine using an HTML-formatted e-mail with an attachment that contains a small remote-control program. The e-mail can be sent directly to the victim, or can be placed on a website.

Explains how the "ANALYZE.DLG" resource can be manipulated to allow the execution of arbitrary code in the My Computer" zone.

Includes: MSXML may ignore IE security zone settings during a request for data from a Web site; and a VBscript problem which allows an attacker to read files on a victim's local drive, or eavesdrop on his browsing session.

Explains how the IMG element's dynsrc attribute can be exploited to test the existence of, find the size of, find the date last updated/modified of, and the creation date of, an arbitrary local file. By GreyMagic Security.

Security and internet privacy issues of Global Histories, Cookies, and Cache while browsing with Mac Explorer 5.0

Network Management | Access | Reference | Authoring | Site Management | Servers | Directories | Clients | Website Promotion | Monitoring | Organizations Pine | Converters | FreeVSD Hosting Companies | Directory | Open Source | Push | IRC | BEA WebLogic | Mod Perl | Qmail | Site Management | Microsoft Application Center | Payments | Search | Appliances | Services | XML | Java | File Sharing | List Management | Related Client Apps | Database Maintenance | Outsourced Analysis | FAQs, Help, and Tutorials | Patches and Downloads | Scenes and Worlds | Products | History | DOS | Sendmail | Standards and Organizations | Link Management | Magazines and E-zines | Consultants | Firefox | Security | Related Utilities | Utilities | Advertising | User Groups | Unix | Macintosh | Pop-up Blockers | Bouncers | w3m | Reference | Mutt | Scripts | MH | Microsoft Commerce Server