Temporary solution for Internet Explorer Vulnerability
Posted on: 04/11/2004 03:42 PM

OnlyNewZ has posted an unofficial patch for Internet Explorer

Temporary solution for the recent discoverd vulnerability (by The United States-Computer Emergency Readiness Team) in all Internet Explorers 5.01 and higher.

If an ITS protocol handler is unable to access the specified MHTML file, the handler will attempt to access the content specified by the alternate location. The ITS protocol handlers incorrectly treat HTML content from one domain (htmlfile.html in example.com) as if it were in a different domain (file://, the Local Machine Zone). This is a violation of the cross-domain security model. Limited testing shows that the ms-its, its, and mk:@MSITStore protocol handlers are vulnerable.

Read more


Printed from NT Compatible (https://www.ntcompatible.com/news/story/temporary_solution_for_internet_explorer_vulnerability.html)