Please create an account to participate in the Slashdot moderation system


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
User Journal

Journal twitter's Journal: SANS Says Cursor Exploit Nails Vista. 2

An, animated cursor flaw will have IE users crying:

The flaw is present on virtually the entire line of Windows OSes, including Vista, which has been held up as Redmond's poster child for safe computing. According to McAfee, Windows users browsing malicious sites using IE versions 6 or 7 risk having arbitrary code run on their machines. Those using Firefox are not vulnerable.

Upon viewing a web page, previewing or reading a specially crafted message, or opening a specially crafted email attachment the attacker could cause the affected system to execute code.

Some exploits in the wild are reported to be embedded in jpeg files, SANS says in an advisory.

SANS mitigation is to use IE in "protected mode" but this won't fix Outlook! Viewing email in plain text offers some protection for Thunderbird and Outlook users. I say, escape the trap.

This discussion has been archived. No new comments can be posted.

SANS Says Cursor Exploit Nails Vista.

Comments Filter:

The difficult we do today; the impossible takes a little longer.