Wednesday, December 03, 2008   
  Search   
 
 
Register  Login  
Forums  
     Minimize  

Welcome to MeraWindows forums.

Thank you for being at the Microsoft Windows Community Site. You may have to register before posting in forums. It's absolutely free. After registering, you can get all the benefits available to our registered members, you can access our Downloads section, you can participate in contests, etc. You can post in forums in English as well as in Hindi, in fact we encourage you to use Hindi in your posts. If you have any problem with registration or login, please contact us.
     
  


 
  Microsoft Windows Forums  Windows Applica...  Internet Explor...  Latest Windows Exploit Spreads, ZERT Issues Fix
Previous Previous
 
Next Next
New Post 10/3/2006 8:51 PM
User is offline Ankur Mittal
3795 posts
ankurmittal.com
Distinguished Member




Latest Windows Exploit Spreads, ZERT Issues Fix 
Microsoft said it is working overtime to fix a flaw in Windows that a security company noted on Monday could soon be used by as many as 600 malicious Web sites.

Multiple versions of exploit code for the vulnerability in the "WebViewFolderIcon" ActiveX control -- also dubbed the "setslice" bug by some security organizations -- has been spotted on the Web, said the SANS Institute's Internet Storm Center Monday. ISC raised its Internet threat status warning to "Yellow" on Friday to account for the spreading code.

"The exploit is widely known, easy to recreate, and used on more and more websites," the ISC alert read. "The risk of getting hit is increasing significantly and the type of users of the exploit are also not the least dangerous ones. Some of the exploits are believed to be linked to CWS (CoolWebSearch), which is notoriously hard to remove." CoolWebSearch is an adware package that tracks users movements on the Web that one anti-spyware vendor warns to "handle with care!"

Although the Redmond, Wash. developer has not issued a fix -- it's shooting for Oct. 10 -- the independent Zeroday Emergency Response Team (ZERT) has produced an unsanctioned patch that should stymie attacks. ZERT, which first popped into the news Sept. 22 when it beat Microsoft to the VML fix punch by 4 days, has updated its ZProtector framework to account for the new vulnerability.

Download: ZERT (unsanctioned) Patch | 168 KB
Tech Today
 
 Page 1 of 1
Previous Previous
 
Next Next
  Microsoft Windows Forums  Windows Applica...  Internet Explor...  Latest Windows Exploit Spreads, ZERT Issues Fix


   Get Your Own E-Mail Account @MeraWindows.com Minimize  
New Page 1 New Page 1
Show your cool quotient with @merawindows.com email account
     
  
 
 
Terms Of Use   Privacy Statement  
© 2008 MeraWindows.com