Internet Explorer Exploit Found
- By The WHIR, June 09, 2004
-
Digg
Delicious
Reddit
Newsvine
Stumbleupon
Twitter
(close)
Share
|
Send |
Print |
Comments (0)
Level 1 PCI DSS Certified Service Provider! DataPipe delivers the best network & support; top tier data centers; New York metro, Silicon Valley, London, Hong Kong, Shanghai. DataPipe - Personal Touch, Global Reach.
June 9, 2004 -- (WEB HOST INDUSTRY REVIEW) -- According to research and analysis firm Netcraft (netcraft.com), a security hole in Internet Explorer allows hackers to gain control over a user's computer when that user clicks on a malicious hyperlink. Netcraft said the flaw is exploitable even if users are operating a fully-patched version of Internet Explorer 6.
The vulnerability consists of several unpatched flaws in Internet Explorer. An attack, combining a series of Javascript, VBScript and PHP code, tricks the browser into running code on a remote server as if it were a local help file. While this is happening, a javascript that can run with local privileges is downloaded. The javascript launches a remote php file, which downloads a trojan of the attacker's choice to the compromised system.
The exploit is launched when a user clicks on a malicious link in an email or Web page.
Tags: security hackers Internet Explorer Netcraft Promise
Digg
Reddit
Facebook
Google
Yahoo! Bookmarks
Log into your account to access enhanced commenting features (such as external linking) in news, features, blogs and more.
Don't have an account yet? Register now!
- Submit your company to our directory
- Submit news, articles and guides
- Add enhanced comments with links
- and more!