Windows-Help.NET Newsletter22 Apr. 2000, Vol 3 No. 16
 Bugs in Microsoft & Netscape Browser


by Arie Slob

Dear Windows-Help.NET Subscriber,

This week, bugs were found in both Microsoft's Internet Explorer and Netscape's Communicator Web browser.

Microsoft Internet Explorer has a security hole that could expose people's private files to malicious Web site operators.

This bug has to do with the way Microsoft's Internet Explorer browser handles the Java programming language. It was discovered by Georgi Guninski, who has discovered several bugs in the past.

Guninski posted a demonstration of the exploit on his Web site, and recommended disabling Java or disabling scripting of Java applets pending a fix from Microsoft.


At the same time Bennett Haselton, a bug hunter and anti-content-filtering activist, found a bug in Netscape's Communicator browser that lets a hostile Web site glean private information from a visitor, including but not limited to that visitor's bookmarks.

Haselton posted a demonstration of this bug on his Web site.

To combat the vulnerability, users could simply change their (user) profile since the problem only exists if the profile is set to default.


S   P   O   N   S   O   R

DragStrip

Downloadable
Normal price: $19.95
Our Price: $0.00
Mac/Win 9.x/WinNT

DragStrip

DragStrip allows you to launch, find, organize, and access applications and documents quickly and efficiently. Say goodbye to cluttered desktops and digging through browser windows to find what you are looking for. DragStrip is the ultimate desktop organization tool and much more! With a simple drag and drop interface, you can create strips of files, folders, applications and URLs that you use frequently and then they are all only a click away.

* Free after Rebate - USA only

  Highlights  

A look at the Palm IIIc

One of the smallest color handhelds available arrives with a vibrant, readable color display screen.

More...


"There Are No Spare Stack Pages" Error

This particular error occurs on Windows 9.x systems, and while it can occur on Windows 95, it has been reported more widely on Windows 98 systems.

More...


P6Perf Utility

The P6Perf utility extends the Microsoft Win98 standard System Monitor (Win NT: Performance Monitor) applet to collect and display the advanced processor performance information. This information can be displayed side-by-side with other system performance parameters. P6Perf can be used with Intel® P6 Family processors such as Intel Pentium® Pro, Celeron™, Pentium II/III and Pentium II/III Xeon™ processors.

Download:
Windows 98 [40KB]
Windows NT [66KB]
Web site


AcqURL

The ideal way to manage your bookmarks / favorites to cope with with the ever expanding number of sites on the Internet.

Web site


Tell a friend about this Newsletter!

Need Help with Windows? Ask questions here!

 Microsoft Security

Patch Available for "Malformed Environment Variable" Vulnerability

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows NT® 4.0 and Windows® 2000. The vulnerability could allow a malicious user to make some or all of the memory on an affected server unavailable, potentially slowing or stopping an affected server's response time.

Affected Software Versions

  • Microsoft Windows NT 4.0 Workstation
  • Microsoft Windows NT 4.0 Server
  • Microsoft Windows NT 4.0 Server, Enterprise Edition
  • Microsoft Windows NT 4.0 Server, Terminal Server Edition
  • Microsoft Windows 2000 Professional
  • Windows 2000 Server
  • Windows 2000 Advanced Server

More information


Patch Available for "Mixed Object Access" Vulnerability

Microsoft has released a patch that eliminates a security vulnerability in Microsoft® Windows® 2000 that could, under very specific conditions, allow a malicious user to change information in the Active Directory that he should not be able to change.

Affected Software Versions

  • Windows 2000 Server
  • Windows 2000 Advanced Server

More information

  Web site updates

These pages were added/updated in the past week. Information on previously updated/added pages is available on the What's New? page for 1 month.

InfiniSource.com

Added: Patch Available for "Malformed Environment Variable" Vulnerability (WinNT/2000)
Added: Patch Available for "Mixed Object Access" Vulnerability (Win2000)
Added: A look at the Palm IIIc


Windows-Help.NET

Windows 95

Updated: Automatic Re-dialing

Windows 98

Added: "There Are No Spare Stack Pages" Error
Updated: Problems running ScanDisk and Defrag
Updated: Automatic Re-dialing


Back Issues, unsubscribing etc.

This Newsletter is also available on-line. You can view previous issues at http://www.WindowsNewsletter.com/html-archive/

Windows-Help.NET News is a weekly publication of Windows-Help.NET. We respect your online time and Internet privacy. If you would prefer not to receive this newsletter, just reply to this e-mail. You will receive a confirmation of your removal.

To change your e-mail address, simply follow the instructions to unsubscribe, and re-subscribe using your new e-mail address. You will receive instructions on how to subscribe with your confirmation of removal when you unsubscribe.

Copyright© 2000, Windows-Help.NET. All rights reserved.

Windows-Help.NET is a division of InfiniSource, Inc.