____/ Linonut on Monday 19 November 2007 23:53 : \____
> * Roy Schestowitz fired off this tart reply:
>
>> Update: Windows zero-day flaw 'very dangerous,' experts say
>>
>> ,----[ Quote ]
>>| "It doesn't require a PhD in hacking," Brown said. "The number of people
>>| who can use this is huge."
>>|
>>| eEye considered it so dangerous that early this morning it released a
>>| rare unofficial patch to temporarily plug the dike. This is only the
>>| second time that eEye has put out an unsanctioned fix for a Microsoft bug.
>> `----
>>
>>
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9015138&intsrc=hm_list
>> http://tinyurl.com/2fxpsu
>
> Huh? I thought Windows already had this kind of flaw, quite awhile ago:
>
> Yesterday, Microsoft Corp.'s Security Response Center (MSRC) issued
> an advisory acknowledging a bug in Windows' animated cursor, a
> component that lets developers show a short animation at the mouse
> pointer's location. Attackers, who are already exploiting the bug in
> limited fashion, can hijack PCs by tempting users to malicious Web
> sites or by sending them a malformed file via e-mail.
>
> Ah, here it is, in April:
>
> http://news.zdnet.com/2100-1009_22-6172440.html
>
> Windows animated cursor flaw--150 sites infected
> By Robert Vamosi, News.com
>
> Published on ZDNet News: Apr 2, 2007 1:30:00 PM
>
> Microsoft -- Let's bring it up again and vote on it.
It affected the 'precious' Vista as well. Visit Web site, have your PC
compromised. No intervention required, IIRC.
Windows is like a car with an automatic gear. It's a shame that the gear is
located on the car's exterior, so any stranger can seize control.
--
~~ Best of wishes
Roy S. Schestowitz | Useless fact: Falsity implies anything
http://Schestowitz.com | Free as in Free Beer | PGP-Key: 0x74572E8E
Cpu(s): 25.8%us, 4.2%sy, 1.0%ni, 64.7%id, 4.0%wa, 0.2%hi, 0.2%si, 0.0%st
http://iuron.com - semantic engine to gather information
|
|
