|
|
 |
|
|
Pages: 1
Buggy Business
(Click here to view the original thread with full colors/images)
Posted by: TotalRecall
Microsoft's new "security" focus appears very unclear. This could possibly be a medal holder in "most bugs in one week" category. There is a hole in MSN Messenger:
A worm that uses Microsoft's MSN Messenger application to exploit a browser glitch emerged late Wednesday and spread rapidly, despite the existence of a patch covering the security hole, according to experts.
JS/Exploit-Messenger, as it is called, apparently emerged from several different locations at once on Wednesday. It exploits a hole in the Internet Explorer browser that Microsoft made public Feb. 11 along with a bug fix, just two days before the worms appeared.
The hole allows Internet Explorer to automatically execute harmful JavaScript code embedded in a Web page. In this case, code appeared on several Web sites causing Explorer to create a Messenger missive and dispatch it to other contacts within Messenger. The note contains a link back to the Web page containing the code, with a message such as "Hey go to (link) plz" or "Go to (link) NoW!!!"
This is potentionally a dangerous bug. Microsoft has not yet released a patch, but many virus scanner products have updated definition files. Read more at C|Net.
Posted by: SKYHN
....
|
|
|
|
|
