Windows Vista "zero Day Flow"- Dangerous!


Recommended Posts

Windows zero-day flaw 'very dangerous,' experts say

With Vista at risk, eEye issues unofficial patch; attacks traced to Chinese hackers

Gregg Keizer

-- The Windows zero-day bug now being used by attackers is extremely dangerous, security researchers said today, and ranks with the Windows Metafile vulnerability of more than a year ago on the potential damage meter.

"This is a good exploit," Roger Thompson, CTO of Exploit Prevention Labs, said in an instant message exchange. "It's very dangerous. One of the reasons is that there's no crash involved...it's instantaneous. And all it takes is visiting a site."

»»Yesterday, Microsoft Corp.'s Security Response Center (MSRC) issued an advisory acknowledging a bug in Windows' animated cursor, a component that lets developers show a short animation at the mouse pointer's location. Attackers, who are already exploiting the bug in limited fashion, can hijack PCs by tempting users to malicious Web sites or by sending them a malformed file via e-mail.

"It doesn't require a PhD in hacking," Brown said. "The number of people who can use this is huge."

eEye considered it so dangerous that early this morning it released a rare unofficial patch to temporarily plug the dike. This is only the second time that eEye has put out an unsanctioned fix for a Microsoft bug.

MORE HERE:

http://www.computerworld.com/action/articl...ticleId=9015138

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...