Revealed by hackers
A GROUP of hackers has posted a new vulnerability in Internet Explorer and released exploit code, says
PC World.
A sample exploit of the vulnerability was posted by hackers on the xsec.org Web site and it uses a similar method to a bug that Microsoft fixed last month.
Attackers have to trick users into viewing a maliciously encoded Web page, but they can then run unauthorised code on a victim's computer.
Symantec's Security Response team said that it has yet to see the code used in any attacks, although it has labelled the exploit as "critical".
Security outfit Secunia said its boffins could create a "fully working" exploit for the latest version of Windows XP running Internet Explorer 6. Windows 2000 users are also vulnerable. More
here.
The INQuirer