Code Posted For New IE Exploit

PC World is reporting that two days ago hackers posted code for a new vulnerability in Internet Explorer that could allow drive-by takeover of a vulnerable PC. Security companies say that no exploits using the "daxctle" vulnerability have yet been found in the wild, but they are taking the new threat seriously. Symantec calls the bug "critical" and Secunia rates it highly critical, the most severe rating. The hackers who posted the sample code, xsec.org, refer to it as a "0day" exploit. The article quotes another security expert who calls this label "a stretch." Update: 09/17 18:00 GMT by C :Fixed link to XSec. Thanks for pointing that one out, folks.

Since /.'s already turned into bugtraq...

[mobby_6kl]

why not post these:

Linux Kernel SMBFS CHRoot Security Restriction Bypass [securityfocus.com]
Linux Kernel SCTP Multiple Remote Denial of Service [securityfocus.com]
Apple Mac OS X KExtLoad Format String Weakness [securityfocus.com]
Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability [securityfocus.com]

Re:fux0r3d

[rolandog]

In capitalist America, your computer can have 'safe sex' by using the Firefox condom and taking the 'NoScript' pill.

Real Damage

[nurb432]

what ever happened to exploits ( be it virus, trojan, whatever ) that cased some REAL damage?

All this whimy-ass 'botnet' garbage needs to end. We need something that totally kills windows when you get infected. Get the people pissed off enough to force microsoft into doing something.