AOH :: ISNQ3673.HTM

Hackers exploit old Internet Exploder bug




Hackers exploit old Internet Exploder bug
Hackers exploit old Internet Exploder bug



http://www.theinquirer.net/default.aspx?article=37781 

By Nick Farrell
22 February 2007

A BUG in IE, which first appeared last year, is being exploited again.

The flaw uses Vector Markup Language which is a rarely used, 
Microsoft-only Internet graphics format.

At the time, hackers had several successes at exploiting the hole before 
Microsoft released a patch. Now a very similar VML flaw is being seen in 
the wild.

The bug allows a hacker to take control of a computer or download adware 
on a PC using Windows XP Service Pack 2 or Windows 2000 SP 4.

All the victim needs to do is visit a site that has been salted with a 
dodgy image and it is good night Vienna. The flaw exists in IE 6 and 7 
unless the operating system is Vista. Vole has issued a patch.

More here [1]. 

[1] http://news.yahoo.com/s/pcworld/128385 


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss 

Site design & layout copyright © 1986-2014 CodeGods