AOH :: ISNQ6396.HTM

Hackers exploit Windows XP zero-day, Microsoft confirms




Hackers exploit Windows XP zero-day, Microsoft confirms
Hackers exploit Windows XP zero-day, Microsoft confirms



http://www.computerworld.com/s/article/9178084/Hackers_exploit_Windows_XP_zero_day_Microsoft_confirms 

By Gregg Keizer
Computerworld
June 15, 2010 

Hackers are now exploiting the zero-day Windows vulnerability that a 
Google engineer took public last week, Microsoft confirmed today.

Although Microsoft did not share details of the attack, other 
researchers filled in the blanks.

A compromised Web site is serving an exploit of the bug in Windows' Help 
and Support Center to hijack PCs running Windows XP, said Graham Cluley, 
a senior technology consultant at antivirus vendor Sophos. Cluley 
declined to identify the site, saying only that it was dedicated to 
open-source software.

"It's a classic drive-by attack," said Cluley, referring to an attack 
that infects a PC when its user simply visits a malicious or compromised 
site. The tactic was one of two that Microsoft said last week were the 
likely attack avenues. The other: Convincing users to open malicious 
e-mail messages.

[...]


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com 

Site design & layout copyright © 1986-2014 CodeGods