Microsoft Warns of New Video ActiveX Vulnerability
ucanlookitup writes "Microsoft has warned of a 'privately reported' vulnerability affecting IE users on XP or Windows Server 2003. The vulnerability allows remote users to execute arbitrary code with the same privileges as the users. The vulnerability is triggered when users visit a web site with malicious code. 'Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability.' The advisory can be found at TechNet. Until Microsoft develops a patch, a workaround is available."
http://www.mozilla.com/en-US/firefox/
just warn us when they have found no exploits at all?
meanwhile, we would just assume the default status is that everything is exploitable
it would cut down on the announcements by an order of magnitude
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it