Zero-Day IE Exploit Takes Control of PCs
anethema writes "A remote IE exploit with implementations is currently in the wild. From the article: 'Exploit code for a critical flaw in fully patched versions of Microsoft Corp.'s Internet Explorer browser has been released on the Internet, putting millions of Web surfers at risk of computer hijack attacks.' Aparently all you have to do is browse the page to be affected. There is no patch, but since it is a JavaScript exploit, you can work around it by disabling JavaScript."
From eWeek: The group that published the exploit said Microsoft has been aware of the Javascript Window() vulnerability for several months but was mistakenly treating it as a low-priority denial-of-service flaw.
Because anything that allows a malicious user to exploit your system and hijack isn't a flaw... it's a feature!
GetOuttaMySpace - The Anti-Social Network
Ah, the Firefox of Opera - who is that, Pavarotti?
I use netcat.
-- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz
Now that you've read the comments, your Windows box belongs to OSTG. Please stand by while we load Linux.........
This sig isn't original enough, it's time to come up with something witty...
I don't browse the web.
Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
I use telnet and render the HTML mentally.
What, no link?
You say that in jest, but imagine the possibilities for exploits when/if we get the point of direct neural implants for communications and such. Just imagine, instead of porn popups, lockups, and reboots we'll have people suddenly yelling about viagara at the top of their lungs, freezing up and falling over mid-stride, and suddenly forgetting where they are.
:)
Maybe anyway
You've met my grandfather, I take it.
Two of those three would apply to the current crop of US politicians. All three if you count Bob Dole.
"I use telnet and render the HTML mentally."
You get used to it. I don't even see the code. All I see is blonde, brunette, redhead.
Georgia Tech, the leader in Chia(tm) technology.
Isn't Google's master plan to take over the world dependent upon people using AJAX? If IE has a critical flaw using javascript, and everyone has to turn it off, then nobody will be able to use Google's new products and... Hey wait a minute.
Best. Comment. Ever. Enjoy!
I phone the webmaster and ask him to read me the webpage.
Georgia Tech, the leader in Chia(tm) technology.
DOH! http://validator.w3.org/check?uri=http%3A%2F%2Fwww .comm.utoronto.ca%2F%7Eeckford%2F
Result: Failed validation, 7 errors
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
solution:
Buy sony cd,
install rootkit
rename Explorer to $sys$explorer.exe
The Code Ninja is swift with his tool, precise in his delivery, and deadly accurate in his execution.
There is an exploit that my computer suffers from every day. It's called the 'Slash.ORG' worm, and it doesn't matter what kind of browser you use. Once the browser navigates to a certain website, it tends to stay there, refreshing as needed. It's called a DoPE attack, or 'Denial of Productivity for Employer.'
Dark Reflection