Slashdot Mirror
Exploit Based On Leaked Windows Code Released
mischief writes "A post to Bugtraq from SecurityTracker.com reports an Internet Explorer 5 exploit that has been released based on the Win2K code leak: 'It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.' Only affects IE 5 apparently, but still - it didn't take long!"
From the article:
Date: Sat, 14 Feb 2004 22:08:59 -0800
From:
Subject: [Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution
Someone should remark to Security Tracker to maybe have some discretion when posting their information.
all I can say is let the games begin..
who cares how/why it got it out..
it is out..
and every guy out there looking for the latest 'sploit' will be oggling the code to find just what happens in 'that one key segment' that has been slowing them down..
Soooo glad I am all linux..
anime+manga together at last.. in real time.
You know what MS's solution to all these bugs will be - upgrade to XP...
I am one of many. My idea is not unique, nor do I expect my voice alone to sway you. I speak in a chorus of opinion.
It's a sad day when even mods don't RTFA (that's Read The Fine Article for all of you lovely people with mod points today :)
Just musing, but what if Microsoft wanted to speed the acceptance of their upcoming Palladium-based operating system? What's the best way to do that? Release the source, of course!
Maybe Mainsoft's just a scapegoat.
Big Daddy, Johnny, Burp, Aunt Zelda, Scott, Slurp, Big Momma