March 12, 1997 11:00 AM ET

Microsoft's IE repairs still incomplete
By Renee Deger

  Microsoft Corp. announced yesterday that it will post repair programs on its Web site this week for foreign language versions of Internet Explorer dogged by several security bugs.

In addition, the Redmond, Wash., company said it is working on a program that further fixes the security breaches. But it currently has no plans to produce a program that solves the security breaches for Version 2.0 of the program.

"Our suggested fix for 2.0 is to upgrade to 3.0," said Robert Bennet, a lead product manager at Microsoft.

The company came under fire last week as three bugs were discovered in the IE software. The breaches centered on the program's automatic execution of files downloaded from, or loaded onto, Web sites that could contain dangerous code. Shortcut files, for example, were executed automatically, preventing a user from first examining the contents of a file and looking for code that could harm a hard drive.

Microsoft issued a repair program for the bug, although it does not completely delete hazardous programs.

Bennet said the company is working on any potential hazards but he reiterated past comments by Microsoft officials that the program, with the repair code installed, will not automatically execute programs from the Web. Users still have the choice of scanning the programs first, he said.

Copyright(c) 1997 Ziff-Davis Publishing Company. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Ziff-Davis Publishing Company is prohibited. PC Week and the PC Week logo are trademarks of Ziff-Davis Publishing Company. PC Week Online and the PC Week Online logo are trademarks of Ziff-Davis Publishing Company.

Send mail to PC Week