Home page logo

fulldisclosure logo Full Disclosure mailing list archives

RE: How big is the danger of IE?
From: "Randal, Phil" <prandal () herefordshire gov uk>
Date: Thu, 8 Jul 2004 18:03:21 +0100

full-disclosure-admin () lists netsys com wrote:
On Thu, July 8, 2004 8:07 am, Sapheriel said:
i didn't know IE also displays e-mails and power point files.

It doesn't. But the IE rendering engine (read: dlls) are used
by most MS programs to render HTML, which can be embedded
into almost any document type. Pretty much any IE exploit
will work in any of these programs as well. Isn't the whole
"integrated Microsoft suite" a wonderful concept?


As those of us who upgraded to IE6SP1 without installing the
corresponding Outlook Express (mea culpa!) found to our chagrin when
MS04-013 came out, just because you don't use something doesn't mean
it's not a security risk.



Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]