Microsoft claims it has fixed a security bug in its Internet Explorer browswer, which could allow user authentication information to be intercepted.
The company has posted on its Web site a patch for its Internet Explorer 3 and 4 Web browsers, which it claims will eliminate the ?Page Redirect? security bug. The problem occurs when a user types a user name and password for one Web site, and is then redirected to a second site. The account name and password are passed on to the second site, allowing them to be captured.
The bug affects Internet Explorer 4.0 for Windows 95 and NT 4.0, as well as Internet Explorer 3.02 for the same platforms. It is also present in the preview version of Internet Explorer 4.0 for Unix, but that will be fixed before the product ships, Microsoft said. ?In the mean time, we advise that Unix Preview 1 users do not enter their authentication information at Web sites," a warning on Microsoft?s download site reads.
Jan Guldentops, an Internet security consultant in Leuven, Belgium, said security bugs such as this one will inevitably keep turning up as long as Internet software developers maintain their present breakneck release schedules. ?This market is just too competitive. Products are being developed and released too fast, and there just isn?t time for accurate security checking?, he said. ?So this will keep happening.?
Microsoft is reportedly also working on a fix for another problem, one that occurs when software that includes a bundled version of IE3 - such as the AOL 3.0 client software - is installed on a system that already has IE4 installed. Both versions of Internet Explorer clash, so neither will work. While working on a fix, Microsoft said that reinstalling IE4 should also solve the problem.
Finding refutes many earlier studies that suggest that galaxies don't have much dark matter at the time of their birth
Boris the robot outed as man in rented robot suit
Mission will provide vital data about the performance of rocket, spacecraft, autonomous docking system and the landing system
The flight will take off from California's Mojave Air and Space Port and could happen as soon as 13th December