IE5 security bugs prevent 5.01 release

[mea culpa <jericho () DIMENSIONAL COM>]

From: "Noonan, Michael D" <michael.d.noonan () intel com>
(Courtesy of Paul Thurrott's WinInfo e-newsletter)

Buggy IE 5 causing fits for Microsoft

It may be the dominant Web browser and the overwhelming technological
champion, but Internet Explorer 5.0 is causing fits for Microsoft
Corporation. Bug after bug has plagued the Web browser since its release
in March, and now, just six months later, its seems a week doesn't go by
without some new problem cropping up. This week, IE 5.0 was hit by not
one, but two new bugs, one of them fairly surface. And a reeling Microsoft
can't seem to ship IE 5.01--which will include a massive collection of bug
fixes--soon enough.

Bug-tracking Web site BigFix (http://www.bigfix.com) has identified what
it describes as a "serious" bug, which can compromise the security of PCs
on a local network, even if they're behind a firewall. Using a security
hole in Internet Explorer 5.0, malicious intruders would be able steal
files off of a computer from over the Internet. BigFix recommends that
users disable Active Scripting as a temporary workaround, since Microsoft
has yet to come up with a fix. The company says, however, that a patch
will be posted to its Security Web site as soon as its available:
 http://www.microsoft.com/security/default.asp

Meanwhile, another bug site, BugNet (http://www.bugnet.com), has
identified another, less serious, bug in Internet Explorer that could
cause problems with XML, the eXtensible Markup Language that many Web
sites are beginning to use. Microsoft's HTML rendering engine in Internet
Explorer can strip quotes out of HTML attribute strings in certain
situations, rendering them incompatible with the new XML standard.
Microsoft is aware of the problem, though they've been mum about any
potential fixes.

If you're using Internet Explorer 5.0, you might want to make sure that
your install has the latest bug fixes installed. To do, visit Windows
Update (if you're a Windows 98 or 2000 user) or the Microsoft Security Web
site.

Netscape releases Communicator 4.7

Netscape Communications released the latest version of its Web browser
suite, Communicator 4.7, this week. Communicator 4.7, which ships in a
variety of editions, is a free collection of software that allows users to
browse and communicate over the Internet. New to version 4.7 is a "Shop"
toolbar button, which directs the user to Shop@Netscape, the company's new
eCommerce portal.

Despite the recent release of the suite, it includes some oddly out of
date components, such as older versions of AOL Instant Messenger and
RealAudio.  But the new version is also the first to bundle WinAMP, a free
multimedia player that plays MP3 audio files. Communicator 4.7 also
includes a new version of Netscape Radio, the online radio service that
allows you to listen to live streaming audio over the Internet.

Do download Netscape Communicator 4.7, please visit the Netscape Web site:
 http://www.netscape.com/computing/download/

ISN is sponsored by Security-Focus.COM