Slashdot Mirror

← Back to Stories (view on slashdot.org)

Code Posted For New IE Exploit

Posted by ryuzaki0 on from the not-quite-zero-day dept.

PC World is reporting that two days ago hackers posted code for a new vulnerability in Internet Explorer that could allow drive-by takeover of a vulnerable PC. Security companies say that no exploits using the "daxctle" vulnerability have yet been found in the wild, but they are taking the new threat seriously. Symantec calls the bug "critical" and Secunia rates it highly critical, the most severe rating. The hackers who posted the sample code, xsec.org, refer to it as a "0day" exploit. The article quotes another security expert who calls this label "a stretch." Update: 09/17 18:00 GMT by C :Fixed link to XSec. Thanks for pointing that one out, folks.

3 of 123 comments (clear)

  1. Since /.'s already turned into bugtraq... by mobby_6kl · · Score: 2, Funny

    why not post these:

    Linux Kernel SMBFS CHRoot Security Restriction Bypass
    Linux Kernel SCTP Multiple Remote Denial of Service
    Apple Mac OS X KExtLoad Format String Weakness
    Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability

  2. Re:fux0r3d by rolandog · · Score: 2, Funny

    In capitalist America, your computer can have 'safe sex' by using the Firefox condom and taking the 'NoScript' pill.

  3. Real Damage by nurb432 · · Score: 4, Funny

    what ever happened to exploits ( be it virus, trojan, whatever ) that cased some REAL damage?

    All this whimy-ass 'botnet' garbage needs to end. We need something that totally kills windows when you get infected. Get the people pissed off enough to force microsoft into doing something.

    --
    ---- Booth was a patriot ----