click through to page
home page
Archived article from the year 2000
"Your data has a social life too"

Bugs & Holes

Security holes

Examples of holes

Improving security

Security tips



Main bugs & holes index

home page

Here are just a few of the enormous security flaws in Microsoft programs.

Now you know why it's called software.

Examples of security holes

Doh! IE5 Clipboard view

Here's a neat little hole in IE5. With the right string of code, anybody running a Web site server can record whatever's in your clipboard. There's a demonstration of the process in action on the earthweb site. Make sure you've got something in your clipboard and when you go into the demonstration page it will incorporate the content.

Doh! Windows 95 password view

There's a program floating around the Internet that allows hackers to decrypt any password that you've stored on your Windows 95 machine. The moral? Don't store passwords if they're important. Here's Microsoft's response to the discovery of the hole.

Doh! Internet Explorer cookie stealer

With the right bit of code hidden on a Web page, it's possible to download cookies from a user's computer. Cookies are only supposed to be read by the site that creates them, so this is a significant security breach. Some cookies contain important information. For example a Hotmail cookie can help get you into a Hotmail account. Here's ZDNet's report.

Doh! IE4 text file view

If you're still using IE4.0, it might be a good idea to upgrade. Somebody has discovered a clever way to peer through your browser and look at text and HTML files on your hard drive. It's known as the Freiburg bug. Read more about it here.

Doh! Internet Explorer ActiveX hole

Probably the biggest hole of all. If there's malicious ActiveX code on a Web site, the site can send a trojan that takes over your computer. How about that for security? ZDNet takes up the story.

Doh! Office 2000 scripting hole

Another biggie. Malicious code can be sent from a Web site to change the security settings of your Office 2000 programs. See a demonstration and find the patch through the Lopht site.


And these are just popular examples. There are many other bugs out there. If you thought the Internet and your Windows/Explorer package were safe, think again.

Should you worry? Most people don't. Only a tiny proportion of Internet users bother to fix all these holes in their garden fence. If you follow the recommended security tips you'll be better protected than the vast majority of Internet users. There'll still be the odd hole in your fence, but at least you won't be leaving the garden gate wide open, as most people on the Internet are.

Introduction to security holes

Improving computer security

Security tips

What hackers do



Personal data
Mobile phones


home page

About TinHat
Privacy policy

home page

copyright Foxglove Media Ltd 2001. See disclaimer and republishing guidelines.