Hackers Jump On Newest IE7 Bug 162
CWmike writes "Attackers are already exploiting a bug in Internet Explorer 7 that Microsoft patched just last week, security researchers warned today. Although the attacks are currently in 'very, very small numbers,' they may be just the forerunner of a larger campaign, said Trend Micro's Jamz Yaneza. 'I see this as a proof-of-concept,' said Yaneza, who noted that the exploit's payload is extremely straightforward and explained that there has been no attempt to mask it by, say, planting a root kit on the victimized PC at the same time. 'I wouldn't be surprised to see this [exploit] show up in one of those Chinese exploit kits,' he added. The new attack code, which Trend Micro dubbed 'XML_Dloadr.a,' arrives in a spam message as a malicious file masquerading as a Microsoft Word document."
Whew! (Score:4, Funny)
Glad I'm using Lotus Notes. Hmm...
Re:Whew! (Score:4, Funny)
Oops! Wrong exploit I was referring too. Stupid 'submit' button...
Re:Whew! (Score:5, Funny)
Glad I'm using Lotus Notes.
That's a first!
Re:Hopefully attacks like this won't be as prevole (Score:5, Funny)
Running Chrome or Firefox won't stop idiots from opening strange attachments.
Running Linux will.
Masquerading? (Score:5, Funny)
a malicious file masquerading as a Microsoft Word document
I don't think this is the same definition that the rest of us use. In related news, a lizard was seen masquerading as a gecko.
Linus quote about Microsoft (Score:2, Funny)
"They invade our computers, and we fall back. They assimilate entire servers, and we fall back. Not again. The line must be drawn here! This far and no further! And I will make them pay for what they've done!" - Linus Torvald
Re:Hopefully attacks like this won't be as prevole (Score:1, Funny)
Linux makes you smarter.
Re:minor pedantry (Score:3, Funny)
Next thing you're going to tell me is that the plural of moose isn't meese. Stupid pedants.
Re:minor pedantry (Score:5, Funny)
...and the plural of mongoose is polygoose ....
Re:Hopefully attacks like this won't be as prevole (Score:4, Funny)
But what about those of us who are callous (lazy) enough to run as root 24/7 ? We're just not naive enough to run foreign attachments from people we don't know (or don't trust).
Sure, make things nerf-safe for the common user, but don't go bashing those of us who actually run these machines.
Tell me about it.
I got rid of my front door a few weeks ago as I was sick of trying to find my keys. I can live with all the thefts and waking up to find the odd vagrant crashed out on my sofa, but it's the people that bash on me about it that pisses me off.