Language Selection

English French German Italian Portuguese Spanish

M$ Confirms Code Execution Hole in IE

Filed under
Microsoft

Microsoft late Thursday confirmed a security flaw in its dominant Internet Explorer browser could be potentially exploited by malicious hackers to take "take complete control of the affected system."

The software giant released a security advisory acknowledging the vulnerability and recommended that IE users set Internet and local intranet security zone settings to "High" before running ActiveX controls in these zones.

All supported versions of Internet Explorer, including IE 6.0 in Windows XP SP 2 (Service Pack 2) are affected.

Microsoft Corp.'s confirmation comes less than 24 hours after private security research firm SEC Consult published a working exploit to show that the bug could crash the browser or exploited to execute arbitrary code in the context of IE.

Microsoft said it was not aware of any attacks attempting to use the reported vulnerability or customer impact and promised a patch would be made available once an investigation is completed.

Full Story.

More in Tux Machines

Lessons learned from the failure of Ubuntu Touch

With the death of yet another open source/free software/Linux-based mobile platform, Ubuntu Touch, clearly it is time for us to sit down and have a frank discussion about what we in the free software world can reasonably accomplish in a mobile platform. One of the biggest issues—if not THE biggest issue—with Ubuntu Touch was that it simply had goals that were far too aggressive to reasonably achieve. It suffered from the all-too-common malady known in software development as feature creep. Read more

City Cloud gets Ubuntu Certified

European Infrastructure as a Service (IaaS) provider City Network, has joined the Ubuntu Certified Public Cloud (CPC) programme. This is the second very big European win for Ubuntu after it signed up OVH earlier this month. As an Ubuntu CPC partner, City Cloud will no longer need to create, curate, patch and maintain Ubuntu images. This will all be done by Ubuntu who will then provide them to City Network. Read more

Open-spec networking Mini-ITX has 1, 2.5, and 10 GbE ports

SolidRun’s “Marvell MacchiatoBIN” is a $349, Mini-ITX networking SBC that runs Linux 4.4 on Marvell’s quad -A72 Armada 8040, and supports ODP, OFP, and NFV. SolidRun, which is known for its NXP i.MX6 based HummingBoard SBCs and Marvell Armada 38x based ClearFog Pro and scaled down ClearFog Base networking boards, has spun a $349 (and up) Marvell MacchiatoBIN SBC that showcases Marvell’s high-end Armada 8040 SoC. The 170 x 170mm “community” Mini-ITX board ships with schematics and layout files, and offers an open source, mainline Linux 4.4x BSP. Read more

Leftovers: OSS