News Burst: Danes find another IE bug

A Danish newsgroup has uncovered yet another security loophole in Microsoft's Internet Explorer (IE) 4 that allows malicious hackers to alter the browser's security settings.

The "Look Ma, No Dots" bug allows users to get around the higher security levels in Internet Explorer for Internet sites - as opposed to intranet sites - by a simple calculation based on the site's IP address.

However, the user would have to modify IE4's default intranet Security Zone settings to be affected by the bug. Also, many corporate users Internet and intranets are served by proxy servers, which would block the hole, according to Bob Minor of CyberMill, an Internet consultancy in St. Louis.

Microsoft has confirmed the potential security breach and a company spokesman in Denmark told PC World there that developers were currently working to address the issue. The problem apparently affects only Internet Explorer 4 for Windows. Netscape and Internet Explorer on the Mac are not affected.

"We take security issues very seriously and are dealing with the issue," said a Microsoft UK spokesman.