[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] How big is the danger of IE?

To: Eric Paynter <eric@xxxxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] How big is the danger of IE?
From: "Randal, Phil" <prandal@xxxxxxxxxxxxxxxxxxxx>
Date: Thu, 8 Jul 2004 18:02:42 +0100

full-disclosure-admin@xxxxxxxxxxxxxxxx wrote:
> On Thu, July 8, 2004 8:07 am, Sapheriel said:
>> i didn't know IE also displays e-mails and power point files.
> 
> It doesn't. But the IE rendering engine (read: dlls) are used
> by most MS programs to render HTML, which can be embedded
> into almost any document type. Pretty much any IE exploit
> will work in any of these programs as well. Isn't the whole
> "integrated Microsoft suite" a wonderful concept?
> 
> -Eric

As those of us who upgraded to IE6SP1 without installing the
corresponding Outlook Express (mea culpa!) found to our chagrin when
MS04-013 came out, just because you don't use something doesn't mean
it's not a security risk.

Cheers,

Phil

----
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] Nokia 3560 Remote DOS
Next by Date: Re: [Full-Disclosure] How big is the danger of IE?
Previous by thread: RE: [Full-Disclosure] How big is the danger of IE?
Next by thread: RE: [Full-Disclosure] How big is the danger of IE?
Index(es):
- Date
- Thread