Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft investigates potential new IE flaw


  • Please log in to reply
3 replies to this topic

#1 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the "Logic Free Zone", in Md, USA
  • Local time:11:56 AM

Posted 18 August 2005 - 08:32 PM

Microsoft is investigating a report of a new, unpatched flaw in Internet Explorer that could expose users of the ubiquitous Web browser to attacks.An attacker could craft a malicious Web site that takes advantage of the flaw and gain control over the PCs that visit the Web site, or an attacker could install malicious software on those systems, a representative of the French Security Incident Response Team said in an e-mail interview Wednesday. The organization rates the issue "critical," its most serious classification. Published: August 17, 2005, 11:22 PM PDT Last modified: August 18, 2005, 9:34 AM PDT By Joris Evers Staff Writer, CNET News.com
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

BC AdBot (Login to Remove)

 


#2 legoman786

legoman786

  • Members
  • 684 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Tucson, AZ
  • Local time:08:56 AM

Posted 19 August 2005 - 01:37 PM

why are they researching flaws now? so many flaws out there... why this one? well, anyways, atleast they are doing something.

Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
- Rick Cook


#3 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:10:56 AM

Posted 19 August 2005 - 04:13 PM

The vulnerability seems only to apply to Microsoft Office 2002 and Microsoft Visual Studio.Net 2002 products, in particular the Msdds.dll file.

Another article, by Robert McMillan in PCWorld, notes:

"...attackers are increasingly using Internet Explorer rather than e-mail viruses as a way of seizing control of systems, Hubbard says. "In the last year we've seen a huge trend toward malicious Web sites being used as an attack vector," he says. "E-mail is just not as effective as it used to be."
http://www.pcworld.com/news/article/0,aid,122252,00.asp


Further information and workarounds can be found at SANS:

http://isc.sans.org/diary.php?date=2005-08-18

Regards,
John

Edited by jgweed, 19 August 2005 - 04:16 PM.

Whereof one cannot speak, thereof one should be silent.

#4 Zen00

Zen00

  • Members
  • 80 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Missouri
  • Local time:11:56 AM

Posted 25 August 2005 - 07:43 PM

One thing I can't wait for is virus makers to start working on hacking FireFox, that way people can't always walk around boasting about how much better FireFox is than IE. It really annoys me when I see a post about how someone has a virus, and the first response is, "Get FireFox".

For a bunch of things like that, search this forum, my home forum.

forums.kingdomofloathing.com
This space will eventually have something very cool to fill it up, but not right now.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users