Internet Explorer Twofer

The ISC is reporting on two vulnerabilities found in Internet Explorer.  The first, and possibly the more minor, is a method for tricking a user into opening malicious code from a remote file share or webdav link.  The second, and the more major, is a bug which facilitates cross site scripting to access privileged user information while visiting other websites.  For more information, see the post to full-disclosure:

http://seclists.org/lists/fulldisclosure/2006/Jun/0861.html 

Also, Mac OS X 10.4.7 is available.

Posted by Matthew Wirges on June 29, 2006, in Handlers Log.