Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
User Journal

Journal twitter's Journal: SANS Says Cursor Exploit Nails Vista. 2 2

An, animated cursor flaw will have IE users crying:

The flaw is present on virtually the entire line of Windows OSes, including Vista, which has been held up as Redmond's poster child for safe computing. According to McAfee, Windows users browsing malicious sites using IE versions 6 or 7 risk having arbitrary code run on their machines. Those using Firefox are not vulnerable.

Upon viewing a web page, previewing or reading a specially crafted message, or opening a specially crafted email attachment the attacker could cause the affected system to execute code.

Some exploits in the wild are reported to be embedded in jpeg files, SANS says in an advisory.

SANS mitigation is to use IE in "protected mode" but this won't fix Outlook! Viewing email in plain text offers some protection for Thunderbird and Outlook users. I say, escape the trap.

This discussion has been archived. No new comments can be posted.

SANS Says Cursor Exploit Nails Vista.

Comments Filter:

"'Tis true, 'tis pity, and pity 'tis 'tis true." -- Poloniouius, in Willie the Shake's _Hamlet, Prince of Darkness_

Working...