4play
06-09-2004, 11:49 PM
A Computerworld Article reports a pair of vulnerabilities to Internet Explorer that allow Windows machines to be 0wned by a single click on a malicious web page. It was discovered by Dutch researcher Jelmer. As usual, the primary workaround is to disable Active Scripting for any sites that aren't Trusted, but you should have turned off that and Javascript years ago for safety anyway. At least one of the holes is fixed in XP Service Pack 2, but that doesn't fix previous versions of Windows and it's still only beta."
source (http://slashdot.org/article.pl?sid=04/06/09/116237&mode=thread&tid=113&tid=126&tid=172&tid=95)
this seems nasty to me since spyware, malicious code or anything else can be run with just a click of a button without your consent.
analysis (http://62.131.86.111/analysis.htm) of the code to see what it does.
there is no fix at the moment for this. apart from firefox :)
source (http://slashdot.org/article.pl?sid=04/06/09/116237&mode=thread&tid=113&tid=126&tid=172&tid=95)
this seems nasty to me since spyware, malicious code or anything else can be run with just a click of a button without your consent.
analysis (http://62.131.86.111/analysis.htm) of the code to see what it does.
there is no fix at the moment for this. apart from firefox :)