Third-party fix for Internet Explorer bug; more bugs found

Israeli anti-virus company EliaShim, Inc. has posted a fix for the InternetExplorer 3.x security bug that is superior to the one posted by Microsoftyesterday. Unlike the Microsoft patch, which comes in a different executable for each version and nationality of IE, the EliaShim patch is asingle executable that will work with U.S. and international versions of IE.It also supports both Windows 95 and Windows NT.

EliaShim's patch, called IE-Safe, is available at http://www.eliashim.com/.

Interestingly, EliaShim believes it has found yet another security hole inInternet Explorer's Mail and News add-ins. According to the company, "hostile links" can be placed in E-mail messages or newsgroup postingsthat deletes files on the user's computer. IE-Safe prevents these links from misbehaving as well.

Microsoft, coincidentally, dismissed EliaShim's claim by calling the feature in question a "design thing, not a bug."

And, to top off a fine day for Internet Explorer users, a group of studentsfrom the University of Maryland say they have found yet another bug in Internet Explorer that allows hackers to remotely retrieve files, runapplications, or install viruses on the user's computer. One interesting note from the students who found the bug: "It should also be noted that this bug is probably the result of the move to merge Internet Explorer with the Windows desktop, just as the other bug was."

Want more information?
Yet another Internet Explorer bug...