Erik Funkenbusch <erik@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> On 1 Dec 2006 01:01:41 -0800, Roy Schestowitz wrote:
>
>> Adobe Confirms 'Critical' Reader, Acrobat Exploits With IE
>>
>> ,----[ Quote ]
>>| A critical security vulnerability in an ActiveX control used by
>>| Internet Explorer could allow malicious hackers to use Adobe's
>>| Reader and Acrobat software to launch PC hijack attacks,
>>| according to a warning from Adobe Systems.
>> `----
>>
>> http://www.pcmag.com/article2/0,1895,2066079,00.asp
>
> The flaw is in Adobe's code, not IE's. The fact that it's in their ActiveX
> version and not other versions is beside the point. This type of flaw
> could be in any version, because plug-ins, whether they're activex or
> "netscape" style are still native code that is not sandboxed, unless of
> course it's run in IE7 on Vista.
Eric is smarter than Adobe!
-----yttrx
--
http://www.yttrx.net
|
|
