Microsoft, Mozilla patch browsers
Microsoft issued an emergency patch to address
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchITChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchITChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
ongoing attacks on Internet Explorer through an XML vulnerability, SearchSecurity.com reported yesterday. The MS08-078 update corrects an XML processing error and is for all supported versions of Internet Explorer running on Windows 2000, XP, Vista, Server 2003 and Server 2008. The attacks are linked to a group of Chinese security researchers who said they mistakenly released the code into the wild.
Microsoft wasn't the only vendor patching its browser this week. A new Mozilla update claims to fix several dangerous flaws in the Firefox browser that could let attackers run malicious code and gain access to critical system files. The cross-site-scripting (XSS) flaws can be found in versions 2 and 3 of the browser, according to SearchSecurity.com.
Firefox 3.0.5 fixes an XSS flaw in a session restore feature that hackers could manipulate to inject malicious code into the browser. The fix also repaired a serious JavaScript privilege escalation flaw, including a JavaScript syntax error that could be used to steal private data from users, Mozilla said in its advisory.
SAP focuses on green IT
SAP plans to make green IT a major theme at its Sapphire 2009 conference, according to SearchSAP.com. In a Q and A, James Farrar, vice president of corporate citizenship, said SAP's goal is to help businesses use their ERP systems to promote environmentally friendly initiatives. The vendor's focus on green IT comes from the top down, as co-CEO Leo Apotheker recently said he'd like ERP to stand for "environmental resource protection."
Check out yesterday's IT channel news briefs.