Exploit Based On Leaked Windows Code Released
mischief writes "A post to Bugtraq from SecurityTracker.com reports an Internet Explorer 5 exploit that has been released based on the Win2K code leak: 'It is reported that a remote user can create a specially crafted bitmap file that, when loaded by IE, will trigger an integer overflow and execute arbitrary code.' Only affects IE 5 apparently, but still - it didn't take long!"
From the article:
Date: Sat, 14 Feb 2004 22:08:59 -0800
From:
Subject: [Full-Disclosure] GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution
Someone should remark to Security Tracker to maybe have some discretion when posting their information.
all I can say is let the games begin..
who cares how/why it got it out..
it is out..
and every guy out there looking for the latest 'sploit' will be oggling the code to find just what happens in 'that one key segment' that has been slowing them down..
Soooo glad I am all linux..
anime+manga together at last.. in real time.
On the contrary. If the source code for windows NT was open to the public, this hole would have been patched a long time ago, possibly even before an exploit. But of course, I'm just stating the obvious here...
You know what MS's solution to all these bugs will be - upgrade to XP...
I am one of many. My idea is not unique, nor do I expect my voice alone to sway you. I speak in a chorus of opinion.
It's a sad day when even mods don't RTFA (that's Read The Fine Article for all of you lovely people with mod points today :)
Just musing, but what if Microsoft wanted to speed the acceptance of their upcoming Palladium-based operating system? What's the best way to do that? Release the source, of course!
Maybe Mainsoft's just a scapegoat.
Big Daddy, Johnny, Burp, Aunt Zelda, Scott, Slurp, Big Momma
Another good reason to use Mozilla