Another Unpatched Windows Bug
Published Tue, Nov 7 2006 10:32 AM
Technorati Tags: Computers and Internet
For the second time in less than a week, Microsoft has acknowledged that attackers are exploiting a critical, unpatched flaw in Windows to snatch PCs from their owners.
The new bug, which is in an ActiveX component of Microsoft XML Core Services 4.0 -- a service that lets developers use scripting languages such as JavaScript and Visual Basic to access XML documents -- is being put to work now by attackers, Microsoft admitted in a security advisory posted late Friday.
"We are aware of limited attacks that are attempting to use the reported vulnerability," said Ben Richeson, a program manager with the Microsoft Security Response Center, in a blog entry Saturday. "We'll continue to monitor the situation and provide updates should the situation change," Richeson added.
...
This is the second advisory Microsoft has posted in the last week concerning a zero-day flaw, one which attackers already are exploiting. The first called out a critical flaw in Visual Studio 2005 last Tuesday. It also was the fifth vulnerability affecting Internet Explorer that's been disclosed since the browser updated to version 7 on Oct. 18.
Read more here.
%*#@!# - I like Internet Explorer 7! Five vulnerabilities already? If I could plug the Windows Live toolbar into Firefox I'd ditch IE faster than Ted Kennedy ditched Mary Jo Kopechne.
Trackback URI for this post: http://perrinelson.com/track.aspx?postid=83
Permalink URI for this post: http://perrinelson.com/2006/11/7/83.aspx
Subscribe to this entry's
comment feed. (Atom)
Comments to this entry are closed.