Information Security News mailing list archives
Hackers exploit old Internet Exploder bug
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 23 Feb 2007 03:23:42 -0600 (CST)
http://www.theinquirer.net/default.aspx?article=37781 By Nick Farrell 22 February 2007 A BUG in IE, which first appeared last year, is being exploited again. The flaw uses Vector Markup Language which is a rarely used, Microsoft-only Internet graphics format. At the time, hackers had several successes at exploiting the hole before Microsoft released a patch. Now a very similar VML flaw is being seen in the wild. The bug allows a hacker to take control of a computer or download adware on a PC using Windows XP Service Pack 2 or Windows 2000 SP 4. All the victim needs to do is visit a site that has been salted with a dodgy image and it is good night Vienna. The flaw exists in IE 6 and 7 unless the operating system is Vista. Vole has issued a patch. More here [1]. [1] http://news.yahoo.com/s/pcworld/128385 ______________________________________ Subscribe to the InfoSec News RSS Feed http://www.infosecnews.org/isn.rss
Current thread:
- Hackers exploit old Internet Exploder bug InfoSec News (Feb 23)