Another IE 5 bug bites

Share on facebook
Share on twitter
Share on linkedin
Share on whatsapp
Another IE 5 bug bites

Another security hole has been discovered in Microsoft Internet Explorer 5.0, potentially leaving computers open to attack by malicious Web site operators.

The bug involves IE 5’s “download behavior,” a feature that allows a Web page to download files for use in client-side scripting.

The feature is intended to prevent client-side code from exposing files on the user’s machine, but a server-side redirect can be used to bypass this restriction. The flaw could enable a malicious Web site operator to read an unsuspecting user’s local files, according to Microsoft.

The company said it is working on a patch for the problem.

A detailed story appears at