Microsoft Warns of New Video ActiveX Vulnerability 146
ucanlookitup writes "Microsoft has warned of a 'privately reported' vulnerability affecting IE users on XP or Windows Server 2003. The vulnerability allows remote users to execute arbitrary code with the same privileges as the users. The vulnerability is triggered when users visit a web site with malicious code. 'Security experts say criminals have been attacking the vulnerability for nearly a week. Thousands of sites have been hacked to serve up malicious software that exploits the vulnerability.' The advisory can be found at TechNet. Until Microsoft develops a patch, a workaround is available."
Oh well. (Score:4, Funny)
affecting IE users on XP
Good thing none of them read Slashdot.
better workaround (Score:5, Funny)
Re:Isolate! (Score:3, Funny)
I don't know, but I bet that the Phantom wouldn't like it.
But... (Score:2, Funny)
Hi, I'm a mac (Score:2, Funny)
I have nothing further to say, I just wanna stand here in my black turtle-neck with my cup of coffee looking smug. /typed on my MBP, so simma-down now fan boys... ;-P
Seriously, this exploit sucks. I've gotta patch a butt-load of computers today now. Thanks a lot MS. Anyone know if the MSI file has a silent install option? Or can it be done via GPO?
I just walked in, this smacked me right in the face this am. Damnit.
couldn't microsoft (Score:5, Funny)
just warn us when they have found no exploits at all?
meanwhile, we would just assume the default status is that everything is exploitable
it would cut down on the announcements by an order of magnitude
Re:Simplest workaround (Score:1, Funny)
Active X... (Score:2, Funny)
Re:Isolate! HA! (Score:2, Funny)
So I guess you don't use any Operating System then?
No, He prefers to communicate using God's language, machine code.