Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: MS06-042 and IE 6.0 SP1 issues SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
MS06-042 and IE 6.0 SP1 issues
Looks like the recent Microsoft patch (MS06-042) , which is a cumulative Security Update for Internet Explorer is affecting some IE 6.0 SP1 users. So, if you are a IE 6.0 SP1 user, you may be affected by this issue when "visiting a website that use HTTP 1.1 and compression"
MS updated the advisory to contain this information and plan to re-release the patch by August 22, for those users only.

You may ask how many users can be affected by this. I really dont know, but I suspect that the number is not high (but I can be completely wrong). The reason is that HTTP 1.1 compression is not (or at least wasn't ) enable by default on both IIS and Apache web servers, the most used webservers.

If you are one of those users, please let me know if you are seeing this issues.

Handler on Duty: Pedro Bueno ( pbueno //&&// isc .sans. org )

155 Posts
ISC Handler
Aug 16th 2006

Sign Up for Free or Log In to start participating in the conversation!