AOH :: IS1479.HTM

Chinese experts mistakenly release IE7 exploit




Chinese experts mistakenly release IE7 exploit
Chinese experts mistakenly release IE7 exploit



  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.

--1457021584-681643578-1229071800=:28323
Content-Type: TEXT/PLAIN; CHARSET=UTF-8
Content-Transfer-Encoding: QUOTED-PRINTABLE
Content-ID:  

http://www.techworld.com/security/news/index.cfm?newsID=108274 

By Jeremy Kirk
IDG news service
11 December 2008

The security woes continued for Microsoft after Chinese security 
researchers mistakenly released the code needed to hack a PC by 
exploiting an unpatched vulnerability in Internet Explorer 7.

At one point, the code was traded for as much as $15,000 (=C2=A310,000) on 
the underground criminal markets, according to iDefense, the computer 
security branch of VeriSign, citing a blog post from the Chinese team.

The problem in Internet Explorer 7 means a computer could be infected 
with malicious software merely by visiting a website, one of the most 
dangerous computer security scenarios. It affects computers running IE7 
on Windows XP, regardless of the service pack version, Windows Server 
2003 running Service Pack 1 or 2, Windows Vista and Windows Vista with 
Service Pack 1 as well as Windows Server 2008.

Microsoft has acknowledged the issue but not indicated when it will 
release a patch.

The vulnerability was first revealed earlier this week by the Chinese 
security team "knownsec." Knownsec said on Tuesday they mistakenly 
released exploit code thinking that the problem was already patched, 
iDefense said.

"This is our mistake," knownsec said in a Chinese-language research 
note.

[...]


--1457021584-681643578-1229071800=:28323
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________      
Help InfoSecNews.org with a donation!
http://www.infosecnews.org/donate.html 

--1457021584-681643578-1229071800=:28323--

Site design & layout copyright © 1986-2014 CodeGods