Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 2 declined, 0 accepted (2 total, 0.00% accepted)

DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Sweden rejects Assange residency application

Jazzbunny writes: Sweden's immigration authority on Monday rejected WikiLeaks founder Julian Assange's request for residency, a potential setback in his efforts to gain protection from Swedish press freedom laws. "His application has been denied," Migration Board spokeswoman Gunilla Wikstrom told The Associated Press. She declined to give the reason, saying it was confidential.
Bug

Submission + - DLL hole now affects EXE files

Jazzbunny writes: It turns out that the DLL vulnerability (Binary Planting) under Windows was only the tip of the iceberg. DLL libraries aren't the only things that are seem to be vulnerable; EXE files also appear to be affected and the DLL workarounds proposed by Microsoft do not help.

In a security advisory for the recently updated Safari browser, security service provider ACROS explains the problem. Attackers first save an HTML file and a manipulated file called explorer.exe on a drive. When the victim opens the HTML file with Safari, nothing happens initially, but the file does contain a link to a URI that starts with "file://", which causes Windows to try to start Windows Explorer (explorer.exe). Unfortunately, Windows loads the explorer.exe within the containing folder (the network share) and executes it.

For further details, see ACROS' Binary Planting Goes EXE.

Slashdot Top Deals

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (7) Well, it's an excellent idea, but it would make the compilers too hard to write.

Working...