Guninski Uncovers XML Scripting Flaw

Early this morning, BetaNews received an advisory from Georgi Guninski on yet another vulnerability that he has uncovered. The bug involves Active Scripting being executed, even when disabled in IE5.x and Outlook Express. Microsoft claims that a fully patched Internet Explorer 5.x with updated Windows Scripting Host will not experience the problem, but Guninski disagrees. 

"There is security vulnerability in IE 5.x and at least Outlook Express. The problem is Active Scripting is still executed even if it is
disabled. While this is not actual exploit by itself it opens the door for many other exploits."

If your machine is experiencing this problem, or you are unsure if you are vulnerable, disable Active Scripting and click here.

The advisory and full demonstration is available at:
http://www.guninski.com/iexslt.html.

4 Responses to Guninski Uncovers XML Scripting Flaw

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.