|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[ISN] Hackers exploit old Internet Exploder bug
From: InfoSec News (alerts
infosecnews.org)
Date: Fri Feb 23 2007 - 03:23:42 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
http://www.theinquirer.net/default.aspx?article=37781
By Nick Farrell
22 February 2007
A BUG in IE, which first appeared last year, is being exploited again.
The flaw uses Vector Markup Language which is a rarely used,
Microsoft-only Internet graphics format.
At the time, hackers had several successes at exploiting the hole before
Microsoft released a patch. Now a very similar VML flaw is being seen in
the wild.
The bug allows a hacker to take control of a computer or download adware
on a PC using Windows XP Service Pack 2 or Windows 2000 SP 4.
All the victim needs to do is visit a site that has been salted with a
dodgy image and it is good night Vienna. The flaw exists in IE 6 and 7
unless the operating system is Vista. Vole has issued a patch.
More here [1].
[1] http://news.yahoo.com/s/pcworld/128385
______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]