Language Selection

English French German Italian Portuguese Spanish

M$ Confirms Code Execution Hole in IE

Filed under
Microsoft

Microsoft late Thursday confirmed a security flaw in its dominant Internet Explorer browser could be potentially exploited by malicious hackers to take "take complete control of the affected system."

The software giant released a security advisory acknowledging the vulnerability and recommended that IE users set Internet and local intranet security zone settings to "High" before running ActiveX controls in these zones.

All supported versions of Internet Explorer, including IE 6.0 in Windows XP SP 2 (Service Pack 2) are affected.

Microsoft Corp.'s confirmation comes less than 24 hours after private security research firm SEC Consult published a working exploit to show that the bug could crash the browser or exploited to execute arbitrary code in the context of IE.

Microsoft said it was not aware of any attacks attempting to use the reported vulnerability or customer impact and promised a patch would be made available once an investigation is completed.

Full Story.

More in Tux Machines

Android Leftovers

GNOME 3.28 Linux Desktop Environment Development Kicks Off with First Snapshot

GNOME developer Javier Jardón is kicking off the development of the GNOME 3.28 desktop environment with the first snapshot, GNOME 3.27.1, which is now available for public testing. Read more

How to manage casual contributors to open source projects

Increasingly, people want to contribute to projects casually—when they want to, rather than adhering to a schedule. This is part of a broader trend of "episodic volunteering" noted by a wide range of volunteer organizations and governments. This has been attributed not only to changes in the workforce, which leave fewer people able to volunteer with less spare time to share, but also to changes in how people perceive the act of volunteering. It is no longer seen as a communal obligation, rather as a conditional activity in which the volunteer also receives benefits. Moreover, distributed revision-control systems and the network effects of GitHub, which standardize the process of making a contribution, make it easier for people to contribute casually to free/libre/open source software (FLOSS) projects. Read more

5 ways to invigorate education with Raspberry Pi

A couple of years ago, I was talking to PayPal senior director of software development Harper Reed at All Things Open in Raleigh, N.C., when he suggested that the best way to invigorate education would be to purchase Raspberry Pis en masse and put them in public libraries. Although many schools have made sizeable investments in classroom technology, those investments have done little to advance students' understanding of how the technology works. That's where the Raspberry Pi comes in, as it's the ideal vehicle to demonstrate the educational efficacy of open source software and open hardware in the classroom. Read more