13:32 0day exploit in ie7 | |
In addition to the post: A new attack on unclassified flaw in the browser, IE 0-day-called exploits those vulnerabilities that are discovered by hackers and not yet released patches or about which nothing is known the relevant security authorities of companies, whose products were found gaps. It turns out that "sensational" in the last days of a security hole IE7, was not eliminated in yesterday's (12/09/2008) Patch MS08-073. This means that this vulnerability is currently present in fully patched Windows XP. Heap (born heap) - in computer science and programming area reserved address space, the code name of a data structure over which to implement dynamic memory applications. Wikipedia exploit is based on a heap overflow, this attack is known as a heap overflow, affecting the XML parser browser. After installing the heap walking-code checks to see if the exploit works. For "successful" operation requires a browser exploit in IE7 and Windows XP or Windows 2003. The following is a delay of several seconds, which allows you to fool anti-virus and malicious code is executed. It should be said that this exploit code is publicly available on the set of information security site. This indicates a high probability of massive attacks of this kind, including by ssript kiddie. Be careful! Based on the 0-day exploit for Internet Explorer in the wild | |
|
Total comments: 0 | |