http://www.computerworld.com/s/article/9178084/Hackers_exploit_Windows_XP_zero_day_Microsoft_confirms By Gregg Keizer Computerworld June 15, 2010 Hackers are now exploiting the zero-day Windows vulnerability that a Google engineer took public last week, Microsoft confirmed today. Although Microsoft did not share details of the attack, other researchers filled in the blanks. A compromised Web site is serving an exploit of the bug in Windows' Help and Support Center to hijack PCs running Windows XP, said Graham Cluley, a senior technology consultant at antivirus vendor Sophos. Cluley declined to identify the site, saying only that it was dedicated to open-source software. "It's a classic drive-by attack," said Cluley, referring to an attack that infects a PC when its user simply visits a malicious or compromised site. The tactic was one of two that Microsoft said last week were the likely attack avenues. The other: Convincing users to open malicious e-mail messages. [...] _________________________________________________________________ Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada July 24-29th, offering over 60 training sessions and 11 tracks of Briefings from security industry elite. To sign up visit http://www.blackhat.comReceived on Tue Jun 15 2010 - 22:24:11 PDT
This archive was generated by hypermail 2.2.0 : Tue Jun 15 2010 - 22:32:30 PDT