A very serious Internet Explorer bug has been uncovered that affects ALL Internet Explorer users on ALL versions of Windows.

Details here:

Microsoft is investigating new public reports of a vulnerability in all supported editions of Microsoft Windows. The vulnerability could allow an attacker to cause a victim to run malicious scripts when visiting various Web sites, resulting in information disclosure. This impact is similar to server-side cross-site scripting (XSS) vulnerabilities. Microsoft is aware of published information and proof-of-concept code that attempts to exploit this vulnerability. At this time, Microsoft has not seen any indications of active exploitation of the vulnerability.

The vulnerability exists due to the way MHTML interprets MIME-formatted requests for content blocks within a document. It is possible under certain conditions for this vulnerability to allow an attacker to inject a client-side script in the response of a Web request run in the context of the victim’s Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the affected Web site on behalf of the targeted user.

Microsoft has published a one-click “Fix it” workaround for the bug that involved locking down MHTML. This will prevent the launch of script in all zones within an MHTML document. Any application that uses MHTML will be affected by this workaround.

Use Windows 7? Run Driver Sweeper on the system? Having problems now installing Windows 7 Service Pack 1 (seeing Error code 0x800f0826)? Here's a possible solution:

• Download Driver Sweeper 2.8.5 here.
• Go to the Backup item in the menu.
• The latest removed driver will be automatically selected in the drop down, if this is not the item with the entries below you need to locate these by browsing through the items.
  One (or all) of the following parts should be in the list:
  • *.manifest
  • *FileRepository*
  • *winsxs*
• Click on the Restore button and Driver Sweeper will restore the files and directories. This can take a while, don't close the application before you get a notification that the backup is restored.
• Restart your system and you are done!

Might work, saving you from a reinstall ... or it might not ...

Over on Hardware 2.0 I've posted a fist look at Mozilla's Firefox 4 Beta 9.

If you’ve been keeping up with the beta builds and have been using the Beta 8 release (released December 22) then you’re not going to see a lot of changes in Beta 9. In fact, going by the release notes there’s only two changes of any importance highlighted by Mozilla:

• Overhaul of the bookmarks and history code, enabling faster bookmarking and startup performance
• Per-compartment garbage collection is now enabled, reducing work done during complex animations

More on Hardware 2.0

Apple CEO Steve Jobs just sent this email to all employees:

Team,

At my request, the board of directors has granted me a medical leave of absence so I can focus on my health. I will continue as CEO and be involved in major strategic decisions for the company.

I have asked Tim Cook to be responsible for all of Apple’s day to day operations. I have great confidence that Tim and the rest of the executive management team will do a terrific job executing the exciting plans we have in place for 2011.

I love Apple so much and hope to be back as soon as I can. In the meantime, my family and I would deeply appreciate respect for our privacy.

Steve

This VLC Player dialog that appears following an update never fails to amuse me:

Always seem to take more than a few minutes for me