Okay, I have to admit that I should have read the code for this exploit first, because this one has a visit-only requirement. There's a nice video showing metasploit to do this:
If it was up to me to do things I enjoy, I would probably play WOW, eat pizza and masturbate all day long. Happy now?
Everyone seems to be talking as if the problem stops at having IE6 installed. To be exploited, the more stupidity is required. Minimally, the user would have to launch IE6 and visit a malicious web site and probably do a couple of other things as well...
So maybe someone was doing exactly what you say...;-)
Slashdot Mirror
Okay, I have to admit that I should have read the code for this exploit first, because this one has a visit-only requirement. There's a nice video showing metasploit to do this:
http://praetorianprefect.com/archives/2010/01/the-aurora-ie-exploit-in-action/
If it was up to me to do things I enjoy, I would probably play WOW, eat pizza and masturbate all day long. Happy now?
Everyone seems to be talking as if the problem stops at having IE6 installed. To be exploited, the more stupidity is required. Minimally, the user would have to launch IE6 and visit a malicious web site and probably do a couple of other things as well...
So maybe someone was doing exactly what you say... ;-)