Bill heeft twee fixes in elkaar getimmerd waarmee enkele beveiligingskraters in Internet Exploder 5.0 dicht gepetst kunnen worden. Hier de info van Betanews:
Microsoft has released two updates to security holes in Internet Explorer 5.0. The first fixes a bug in the "download behavior" of IE 5 that allows web page authors to download files for use in client-side script. By design, a web site should only be able to download files that reside in its domain; this prevents client-side code from exposing files on the userís machine or local intranet to the web site. However, a server-side redirect can be used to bypass this restriction, thereby enabling a malicious web site operator to read files on the userís machine or the userís local intranet. Microsoft is developing a patch for this problem. The second security hole allows a Web site to invoke the ImportExportFavorites() method, bypass any restrictions and write files that could be used to execute system commands.