Patch for IIS 5.0 Vulnerability; the Pentium 4 Processor; Cross-Site Scripting Vulnerability

Microsoft Releases Patch for IIS 5.0 Vulnerability
Microsoft has released a patch for a potential vulnerability in IIS 5.0 that might let a malicious user use a custom browser (i.e., a browser that isn't commercially available) to send a special header and retrieve the source code of certain Web files. The fix is included in Windows 2000 Service Pack 1 (SP1), which you can download from the Microsoft Windows 2000 Web site. You can also visit the Microsoft TechNet site to obtain a patch and read more about the vulnerability.

Intel Previews the Pentium 4 Processor
Last week, Intel previewed the Pentium 4 processor (code named Willamette) to developers at the Intel Developer's Forum in San Jose, California. Scheduled to ship later this year, the Pentium 4 processor promises clock speeds well beyond the recently announced (and even more recently recalled) Pentium III processor's 1.13GHz. The new processor targets business power users and consumers. Advantages of the Pentium 4 processor include a faster system bus (400MHz), faster arithmetic logic units (ALUs), and a new set of multimedia instructions called Streaming single-instruction, multiple data (SIMD) Extensions (SSE2), which extend the original SSE and MMX instructions. The first Pentium 4 processor is scheduled to ship before the end of year. Intel hasn't yet announced Pentium 4 processor clock speeds or pricing.

Microsoft Releases Patch for Cross-Site Scripting Vulnerability
Late last week, Microsoft released a patch that fixed a vulnerability in IIS 5.0 and 4.0. The vulnerability stems from the possibility that a malicious Web-site operator could use another, unsuspecting Web site to launch scripting code on a client through special HTML tags. Click here for more information about this vulnerability, including instructions for download the patch.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.