Friday 19 December 2003

Openwares' Internet Explorer Patch

An update to my previous article on Openwares' Internet Explorer Patch: according to Full Disclosure, the Openwares patch produces a buffer overflow, with possibility to overwrite the stack and the buffer overflow exists in a section of the code whose main purpose appears to be submitting information about what you browse back to the code's authors. More security issues are can be found in the article.

ZdNet is also reporting that Software developers are suspicious of this patch and advice waiting till Microsoft releases an official patch - though we don't know when that will be. The link to the ZdNet article is via TinyApps.

Related Entry