IE Bugs Now 'Extremely Critical' An unpatched, months-old vulnerability in Microsoft's Internet Explorer is now even more dangerous, security firms reported Monday.
By Gregg Keizer, TechWeb News January 10, 2005 (1:32 PM EST) Danish security vendor Secunia warned that new exploits of an earlier series of vulnerabilities in IE now let hackers compromise Windows computers without any more work than enticing users to malicious Web sites. In August and then again in October 2004, Secunia broadcast warnings of similar threats to IE, but at the latter date posted proof-of-concept code which required the user to actually drag and drop a file within the browser to be at risk. The exploits now in the wild, said Secunia and the SAN Institute's Internet Storm Center, are automated and require no user action except visiting a hacker-constructed site. In response, Secunia upped its assessment of the vulnerability to "extremely critical,' its most dire warning.
The only easy day was yesterday.
...some do, some don't; some will, some won't (WR)