Frontpage
Forums
Tutorials
Members
Calendar
Subscription
Donate
Links
Contact 
Help
"Microsoft and Secunia are warning about the discovery of a new 'Zero-day' vulnerability affecting all Microsoft based operating systems except Windows 2003. A vulnerability has been reported in Microsoft XML Core Services, which can be exploited by malicious people to compromise a users system.
More here
Page 1 of 1
A New Zero-Day Vulnerability In Windows
Rate Topic:
#1
- MCSA W2K, MCDST
-
- Group: Patrons
- Posts: 1,431
- Joined: 02-September 04
Posted 05 November 2006 - 03:45 PM
Back to top
#2
- Coffee Aficionado
-
- Group: Super Moderator
- Posts: 5,031
- Joined: 14-July 04
- OS:Windows 7 x64
-
Country:
Posted 05 November 2006 - 04:28 PM
Yep, word came out yesterday. You can get thoroughly "pwn3d" via the XMLHTTP v4 ActiveX object (used in for AJAX namely), so IE users are at risk (including v7), and other apps based on the same rendering engine. So much for IE7 being sooooo much more secure 
BTW, your link is broken. Here's a link to the secunia advisory
BTW, your link is broken. Here's a link to the secunia advisory
#3
- MCSA W2K, MCDST
-
- Group: Patrons
- Posts: 1,431
- Joined: 02-September 04
Posted 05 November 2006 - 06:00 PM
crahak, on Nov 5 2006, 11:28 PM, said:
BTW, your link is broken. Here's a link to the secunia advisory
Thx for info. Link fixed..
#4
- MSFN Junkie
-
- Group: Banned
- Posts: 3,399
- Joined: 04-December 05
Posted 08 November 2006 - 09:40 PM
ActiveX, you say...
If anyone has a link to a malicious site using this exploit, I would appreciate it. This isn't scaring me at all.
Learn to SECURE YOUR IE!
If anyone has a link to a malicious site using this exploit, I would appreciate it. This isn't scaring me at all.
Learn to SECURE YOUR IE!
#5
- Snap ... Crackle ... Pop
-
- Group: Members
- Posts: 1,746
- Joined: 12-December 03
Posted 09 November 2006 - 10:15 PM
god windows is always a target, , but this news dosnt come a shocker, thanks for the heads up,
#6
- Member
-
- Group: Members
- Posts: 206
- Joined: 16-July 06
Posted 12 November 2006 - 06:42 AM
the only shocker is that it took this long for the first real IE7 exploit. (the other one doesn't count)
#7
- MSFN Expert
-
- Group: Members
- Posts: 1,154
- Joined: 13-April 05
Posted 18 November 2006 - 02:19 AM
LLXX, on Nov 8 2006, 09:40 PM, said:
ActiveX, you say...
If anyone has a link to a malicious site using this exploit, I would appreciate it. This isn't scaring me at all.
Learn to SECURE YOUR IE!
If anyone has a link to a malicious site using this exploit, I would appreciate it. This isn't scaring me at all.
Learn to SECURE YOUR IE!
Ugh! Are you still using Internet Explorer 5.0? Internet Explorer 5.0 has a bug that causes that message to pop up every time I use the back button or forward button, even when the web page don't use ActiveX.
#8
- Gustatus similis pullus
-
- Group: Supervisor
- Posts: 10,936
- Joined: 09-September 01
- OS:Windows 7 x64
-
Country:
-
Posted 18 November 2006 - 01:04 PM
IE7 on downloevel clients (read, not Vista) will probably always be vulnerable to the same exploits IE6 was vulnerable too, to some extent. Once it's on Vista and in protected mode, however, it would take a user a few "are you sure?" clicks to make this happen. Not impossible, but at least more difficult.
#9
- MSFN Junkie
-
- Group: Banned
- Posts: 3,399
- Joined: 04-December 05
Posted 18 November 2006 - 05:38 PM
RJARRRPCGP, on Nov 18 2006, 03:19 AM, said:
LLXX, on Nov 8 2006, 09:40 PM, said:
ActiveX, you say...
If anyone has a link to a malicious site using this exploit, I would appreciate it. This isn't scaring me at all.
Learn to SECURE YOUR IE!
If anyone has a link to a malicious site using this exploit, I would appreciate it. This isn't scaring me at all.
Learn to SECURE YOUR IE!
Ugh! Are you still using Internet Explorer 5.0? Internet Explorer 5.0 has a bug that causes that message to pop up every time I use the back button or forward button, even when the web page don't use ActiveX.
I don't mind the message.
Share this topic:
Page 1 of 1