Submission + - Google Maps used to locate phishing victims
Damon Hastings writes: http://www.techworld.com/security/news/index.cfm?n ewsID=8077
Okay, the story here is that it is once again possible to download a trojan merely by visiting a web page. All articles I've found have unfortunately focused on a single exploit of this vulnerability, and thus the articles are nearly irrelevant. The vulnerability is what matters. If it isn't patched soon, you could see millions of infections from more creative exploits in the very near future. If any hacker is able to smuggle the trojan onto even a single major website, he could net millions of victims.
Does anyone know which vulnerability is being used? Or what browser(s) are affected? Is it just Internet Explorer 6? IE7? How long has Microsoft known about this vulnerability, and when will they fix it (or have they already?) I can't find any useful articles on the net — they're all just clones of this one.
The Google maps bit is of course completely irrelevant — the ability to map IP addresses to physical locations has been widely and publicly available since before Google existed. Google has no culpability here, despite the misleading reporting done by the major news agencies.
Okay, the story here is that it is once again possible to download a trojan merely by visiting a web page. All articles I've found have unfortunately focused on a single exploit of this vulnerability, and thus the articles are nearly irrelevant. The vulnerability is what matters. If it isn't patched soon, you could see millions of infections from more creative exploits in the very near future. If any hacker is able to smuggle the trojan onto even a single major website, he could net millions of victims.
Does anyone know which vulnerability is being used? Or what browser(s) are affected? Is it just Internet Explorer 6? IE7? How long has Microsoft known about this vulnerability, and when will they fix it (or have they already?) I can't find any useful articles on the net — they're all just clones of this one.
The Google maps bit is of course completely irrelevant — the ability to map IP addresses to physical locations has been widely and publicly available since before Google existed. Google has no culpability here, despite the misleading reporting done by the major news agencies.
