Microsoft Warns of New Video ActiveX Vulnerability
ucanlookitup writes "Microsoft has warned of a 'privately reported' vulnerability affecting IE users on XP or Windows Server 2003. The vulnerability allows remote users to execute arbitrary code with the same privileges as the users. The vulnerability is triggered when users visit a web site with malicious code. 'Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability.' The advisory can be found at TechNet. Until Microsoft develops a patch, a workaround is available."
"Funnily, this issue is exactly the same in Linux "
Funny, but the situation is not like that at all on Linux. On Linux, the browser runs inside SELinux and has ZERO ability to get at any kinds of administrative functionality.