The original patch fixed critical problems with Internet Explorer’s cross-domain security model, which prevents windows of different domains from sharing information. The flaws could have enabled an attacker to execute commands on a user’s system.

Unfortunately the patch also raised some problems for users attempting to authenticate to subscription-based web sites, as well as Microsoft’s own Hotmail web-based email service. This issue has been resolved with the new hot fix cumulative patch update to Internet Explorer, which is available for download from the company’s web site.

The need for a second patch once again calls into question Microsoft’s security strategy. After making a lot of noise about its Trustworthy Computing initiative, Microsoft has been embarrassed twice in recent weeks by fundamental flaws in its response to security concerns.

First the company failed to follow its own advice when it did not apply to its own systems a patch that would have prevented the spread of the Slammer virus, and now it has released a security patch that causes functionality issues.

Source: Computerwire