Associated Press
Microsoft: Flaws in Web Browser
AP Business Writer
Microsoft Warns That Internet Explorer Software Contains Six Flaws, Some That Are Hacker-Friendly

SEATTLE (AP) -- Microsoft Corp. has warned that its Internet Explorer software contains six flaws, some of which could give hackers access to -- and even potentially change -- personal information about computer users.

The Redmond company, which called the severity of some of the flaws "critical," advised users of Explorer versions 5.01, 5.5 and 6.0 to download a patch for the software from the Microsoft Web site at

The security bulletin issued late Wednesday marks the fourth time this year that Microsoft has issued a fix for Explorer.

Among other things, the flaws could allow hackers to view files on a user's computer hard drive. Other flaws exploit vulnerabilities in Internet Explorer's "cross-site scripting" capabilities -- which allow script from one Web page to legitimately manipulate another -- and may permit the same access by a rogue site. Another flaw attacks the software's handling of "cookies," which are data files deposited by Web sites that users frequent. The flaw may allow hackers to view and even change information on cookies.

However, those flaws could be exploited only if hackers had specific information regarding file names and locations, and the files would need specific formatting for them to access the information, said Christopher Budd, security program manager with the Microsoft Security Response Center.

Although the center is not aware of any direct problems that have resulted from the flaws, he urged users not to ignore the potential problems and to download the patch.

Back To The Study