A security hole in Microsoft Corp.’s Internet Explorer could prove devastating. Following the exposure of a vulnerability in Windows XP earlier this week, “http-equiv” of Malware has revealed that Explorer 6 users (and possibly users of earlier versions) could be fooled into downloading what look like safe files but are in fact whatever the author wishes them to be -- including executables.
A demonstration of the hole is currently on security company Secunia’s website and demonstrates that if you click on a link, and select “Open” it purports to be downloading a pdf file whereas in fact it is an HTML executable file.
Source: Info World
Another one? Really? What I want to know is this: What WinIE hole/bug has NOT posed a serious security risk? When is the "phishing" hole going to be patched? That should have been taken care of BEFORE the new year!
New Explorer hole could be devastating
Blog Hosting by Meancode Media
Breaking Windows is © 2003
by Ken Edwards and Matt Paprocki. Some Rights Reserved.
Contact Ken: ken [at] meancode [dot] com
Contact Matt: videogamer [at] bex [dot] net
Disclaimer: The opinions expressed on this website are solely those of the author and do not reflect those of any corporation, business entity, group or club the author has ever been associated with. Feel free to quote anything I say but do me the courtesy of a link back (see Creative Commons license).
Powered by
Movable Type 3.35
Movable Type 3.35