Code Posted For New IE Exploit 123
PC World is reporting that two days ago hackers posted code for a new vulnerability in Internet Explorer that could allow drive-by takeover of a vulnerable PC. Security companies say that no exploits using the "daxctle" vulnerability have yet been found in the wild, but they are taking the new threat seriously. Symantec calls the bug "critical" and Secunia rates it highly critical, the most severe rating. The hackers who posted the sample code, xsec.org, refer to it as a "0day" exploit. The article quotes another security expert who calls this label "a stretch."
Update: 09/17 18:00 GMT by C :Fixed link to XSec. Thanks for pointing that one out, folks.
Since /.'s already turned into bugtraq... (Score:2, Funny)
Linux Kernel SMBFS CHRoot Security Restriction Bypass [securityfocus.com]
Linux Kernel SCTP Multiple Remote Denial of Service [securityfocus.com]
Apple Mac OS X KExtLoad Format String Weakness [securityfocus.com]
Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability [securityfocus.com]
Re:fux0r3d (Score:2, Funny)
Real Damage (Score:5, Funny)
All this whimy-ass 'botnet' garbage needs to end. We need something that totally kills windows when you get infected. Get the people pissed off enough to force microsoft into doing something.