Israeli anti-virus company EliaShim, Inc. has posted a fix for the Internet Explorer 3.x security bug that is superior to the one posted by Microsoft yesterday. Unlike the Microsoft patch, which comes in a different executable for each version and nationality of IE, the EliaShim patch is a single executable that will work with U.S. and international versions of IE. It also supports both Windows 95 and Windows NT.
EliaShim's patch, called IE-Safe, is available at http://www.eliashim.com/.
Interestingly, EliaShim believes it has found yet another security hole in Internet Explorer's Mail and News add-ins. According to the company, "hostile links" can be placed in E-mail messages or newsgroup postings that deletes files on the user's computer. IE-Safe prevents these links from misbehaving as well.
Microsoft, coincidentally, dismissed EliaShim's claim by calling the feature in question a "design thing, not a bug."
And, to top off a fine day for Internet Explorer users, a group of students from the University of Maryland say they have found yet another bug in Internet Explorer that allows hackers to remotely retrieve files, run applications, or install viruses on the user's computer. One interesting note from the students who found the bug: "It should also be noted that this bug is probably the result of the move to merge Internet Explorer with the Windows desktop, just as the other bug was."
Want more information?
Yet another Internet Explorer bug...