Friday, April 28, 2006

And another IE remote hole...

Well, remember that day when the last IE remote hole was posted? Here's another one:

"A vulnerability has been identified in Microsoft Internet Explorer, which could be exploited by remote attackers to take complete control of an affected system. This flaw is due to a race condition in the processing of security dialogs when prompting a user to install/execute an ActiveX control, which could be exploited by remote attackers to manipulate the dialog box and remotely compromise a vulnerable system by convincing a user to visit a specially crafted Web page and perform certain actions (e.g. write a specific text in a text field) that will cause a malicious ActiveX control to be inadvertently installed and/or executed".



Post a Comment

<< Home