[Owasp-singapore] Microsoft Internet Explorer SSL security hole lingers

Wong Onn Chee ocwong at usa.net
Fri Sep 18 11:52:16 EDT 2009


http://www.networkworld.com/news/2009/091709-microsoft-ie-security-hole.html?source=NWWNLE_nlt_security_2009-09-18

Microsoft still does not acknowledge a weakness
<https://www.networkworld.com/news/2009/073009-more-holes-found-in-webs.html>
in its Internet Explorer browser that was pointed out seven weeks ago
and enables attackers to hijack what are supposed to be secure Web
sessions.

The company says it is still evaluating whether the weakness exists, but
Apple, which bases its Safari for Windows browser on Microsoft code,
says Safari for Windows has the weakness and the Microsoft code is the
reason. If Microsoft doesn't fix the problem, Apple can't fix it on its
own, Apple says. Apple has fixed the problem for Safari for Macs
<http://www.networkworld.com/news/2009/080409-mozilla-patches-three-public-firefox.html>.

Read more to find out the null character problem.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20090918/b9045439/attachment.html 


More information about the Owasp-singapore mailing list