[Full-disclosure] New Internet Explorer code-execution
Georgi Guninski
guninski at guninski.com
Thu Mar 11 19:28:53 GMT 2010
On Wed, Mar 10, 2010 at 11:59:05PM +0530, Pradip Sharma wrote:
> Online thugs are exploiting a security bug in earlier versions of Internet
> Explorer that allows them to remotely execute malicious code, Microsoft
> warned on Tuesday.
>
> http://www.theregister.co.uk/2010/03/09/internet_explorer_attacks/
haha, they updated their ``advisory'' to 1.1 from 1.0 at
http://www.microsoft.com/technet/security/advisory/981374.mspx
they changed ``targeted'' to ``public'' and the rest seems the same.
are targeted customers less important than public customers?
extra points for spelling eCHO as Echo:
Echo y| cacls %WINDIR%\SYSWOW64\iepeers.DLL /E /P everyone:N
Impact of workaround. Extended MSHTML functionality such as printing and
Web folders may be affected.
Full-Disclosure is hosted and sponsored by Secunia.