Slashdot Mirror

← Back to Stories (view on slashdot.org)

MSN, Word Vulnerable To Shell: URI Exploit

Posted by timothy on Monday July 12, 2004 @11:42AM from the we'll-get-our-top-men-right-on-it dept.

LnxAddct writes "InfoWorld is reporting that a few Microsoft products are also vulnerable to the "shell:" scheme vulnerability found in Mozilla last week. These applications include Microsoft Word and MSN Messenger."

1 of 392 comments (clear)

Re:Misinformation... by Nevo · 2004-07-12 15:28 · Score: 0, Troll

Actually, to a large extent, Microsoft is right here. It's no secret that as soon as a patch is released, the bad guys diff the new and old versions of the file to see what changed, which leads them right into creating an exploit.

Without the diff, it's a LOT (and I do mean a *lot*) harder for the population at large to create these attacks.

To a very large extent, there ARE no malicious attackers when the fix gets out before word of the exploit does.