According to Microsoft Security Bulletin MS01-055, a newly discovered high-risk vulnerability lets malicious code gain unauthorized access to the cookies that store Web site information on a user's local system. The vulnerability affects Internet Explorer (IE) 6.0 and 5.5 users who view Web pages and HTML mail messages. Because no patch is yet available, Microsoft recommends that users disable active scripting for both Web pages and email messages (the FAQ for this bulletin describes both procedures). If you're using the Outlook Email Security Update, active scripting is already disabled for HTML messages. Otherwise, check your Outlook security zone settings under Tools, Options, Security. http://www.microsoft.com/technet/security/bulletin/ms01-055.asp
No Patch Yet for New HTML Mail Vulnerability
0 comments
Hide comments