Another bug got the better of Microsoft last week, days after a patch was posted on its site to deal with the Cybersnot issue.
This time three students from the University of Maryland announced that a bug was present in IE3.0 that could be activated simply by double clicking on an icon in a Web page.
The Maryland bug is similar to the Cybersnot variation in that it allows a hacker to launch applications without warning. The Maryland trio also claim that files on a hard drive are at risk of being modified or deleted without warning.
Microsoft's official line is that the two bugs are the same, but are executed in different ways. Andrew Lees director of desktop and Internet at Microsoft, said: "The information from the US is that these are one and the same. We take this very seriously and there is a fix at www.microsoft.com."
But the Maryland hackers disagreed.In a statement posted on their Web site they said: "This is not the same as the .LNK and .URL bug discovered recently." David Ross, one of the hackers, said: "The cybersnot bug uses .LNK and .URL files to access a computer but this bug exploits the fact that .isp script files may be downloaded and executed by Internet Explorer.
You need a different patch to deal with this bug."
Despite Lees' insistence that the two bugs are the same, a different patch was posted within 24 hours to deal with the Maryland bug.
Microsoft has acted swiftly to counter "overzealous reporting" of the bug issues by setting up an Email alias called [email protected] The mail alias will be monitored by Microsoft's security experts and is designed to allay any fears users of IE3.0 might have about the recent spate of security flaws.
HP and Centrica are the first industry partners to sign up to the government's new Code
New ice grows faster but is also more vulnerable to weather and wind
With a crackdown on cheats is coming in November, PUBG rushes to fix matchmaking problems introduced in Update #22
New material uses carbon dioxide from the air to repair and reinforce itself