SECUR> SECURITY: Unpatchable IE vulnerability 'in the wild'

  • From: Gleason Sackmann <gleason@xxxxxxxxxxxxxxx>
  • To: NetHappenings <nethappenings@xxxxxxxxxxxxx>
  • Date: Tue, 30 Sep 2003 09:00:00 -0500

**************************************************************
Net Happenings - From Educational CyberPlayGround
**************************************************************
US-based computer security firm iDefense released a statement over the
weekend claiming that an un-patched Microsoft vulnerability is being
exploited by hackers. The 'object type' vulnerability, which was first
acknowledged publicly by Microsoft on 20 August, 2003, allows an attacker
to take control of a system by embedding malicious code in a web page.
Despite Microsoft acknowledging the previously released patch doesn't work,
it evidently has not yet issued a working fix for the vulnerability. Once a
user views the malicious Web page, the attacker can run code on the
victim's computer. Managing director of mail filtering software company
Clearswift, Chy Chuawiwat, told ZDNet Australia the vulnerability is
serious. "It's definitely there and it continues to be easy to exploit," he
said. "It could run anything and the users wouldn't know." Chuawiwat
suggests users disable ActiveX controls and plug-ins until Microsoft issues
a patch that fixes the vulnerability.

http://www.silicon.com/news/500013-500001/1/6192.html

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
EDUCATIONAL CYBERPLAYGROUND 
http://www.edu-cyberpg.com

VENDORS REACH THE EDUCATION MARKET
FREE EDUCATION VENDOR DIRECTORY LISTING
Find PREMIUM & FEATURED MERCHANT LISTING ALSO 
http://www.edu-cyberpg.com/Directory/default.asp

HOT LIST OF SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/default.asp

SERVICES
http://www.edu-cyberpg.com/PS/Home_Products.html

Net Happenings,K12 Newsletters, Network Newsletters
http://www.edu-cyberpg.com/Community/index.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>

Other related posts:

  • » SECUR> SECURITY: Unpatchable IE vulnerability 'in the wild'
  1. Home
  2. nethappenings
  3. Archive
  4. 09-2003