Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: [News] Another IE7 Security Issue?

On Sat, 24 Feb 2007 15:05:32 +0000, Roy Schestowitz wrote:

> Internet Explorer 7 security flaw
> 
> ,----[ Quote ]
>| So based on the quotes from Microsoft?s own technical note, either
>| IE7 in Protected Mode is horribly and inexcusably broken and is
>| ignoring Integrity Levels, Integrity Levels themselves are horribly
>| and inexcusably broken, or these objects are Low Integrity already,
>| everything IE7 creates is Low Integrity, and so the "protection"
>| offered is really doing nothing at all.
> `----
> 
> http://iapetus.dyndns.org/archives/2007/02/23/internet-explorer-7-security-flaw/
> http://tinyurl.com/2dv8nr
> 
> There's nothing to back this yet, but that's how it usually starts (forum
> threads and blogs).
> 
> Update: Microsoft has just responded.

That's just stupid.  Of course IE has to be able to access it's own
registry keys.  Duh.  Yes, those keys are low integrity, they have to be.
The comment that this offers no protection is idiotic at best.

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index