St. Petersburg Times
Special report
Video report
  • For their own good
    Fifty years ago, they were screwed-up kids sent to the Florida School for Boys to be straightened out. But now they are screwed-up men, scarred by the whippings they endured. Read the story and see a video and portrait gallery.
  • More video reports
Multimedia report
Print Email this storyEmail story Comment Email editor
Fill out this form to email this article to a friend
Your name Your email
Friend's name Friend's email
Your message

Microsoft working on patch for IE flaw

Associated Press
Published August 20, 2005

SEATTLE - Microsoft Corp. was working Friday to come up with a fix for a flaw in its Internet Explorer browser that could let hackers gain remote access to computer systems through malicious Web sites.

A patch was not immediately available, though security experts played down the risk.

"If the user doesn't browse a malicious Web site, then the user isn't even under attack," said Gerhard Eschelbeck, chief technology officer at security company Qualys Inc.

Stephen Toulouse, a program manager for the software maker's Security Response Center, said the component that's the root of the problem does not come standard in the Windows operating system.

In an update to a security advisory the company had issued the day before, Microsoft said Friday that machines running Visual Studio 2002 without the Service Pack 1 update, or Office 2003 with Service Pack 3, could be vulnerable.

Microsoft said it knew of no customers who had been attacked.

The company urged Internet users to be careful about opening up Web links in e-mails and said it would release a security update once it had completed its investigation.

Thursday's advisory came after a French security research team published a "proof-of-concept exploit" showing how hackers could take advantage of the vulnerability.

Without referring to the exploit specifically, Microsoft said the flaw "was not disclosed responsibly, potentially putting computer users at risk."

[Last modified August 20, 2005, 01:40:05]

Share your thoughts on this story

[an error occurred while processing this directive]
Subscribe to the Times
Click here for daily delivery
of the St. Petersburg Times.

Email Newsletters