Another Exploit opens Windows Contacts

The other day I mentioned I found an exploit that tries to infect Windows and also attempts to open Windows Contacts (Address Book) … well it looks like I found another one … yikes!

Same attempt but from a different source this time … I previously contacted Microsoft about this, however when they went to check it out the site used to host the exploit no longer existed … hopefully this one will stay up long enough for them to diagnose the problem …

As you can see I highlighted the two suspect sites … the first encoded javascript calls the second site … and thus the exploit attempts to infect Windows Vista. Fortunately IE7/Vista blocked both attempts … I’ll be contacting Microsoft again, as I saved the exploit files this time … if anyone happens across this type exploit simply click the “Don’t allow” button and exit from the site …

FYI: the site “vulgator(dot)com” is not a malicious site … but rather has been hacked and a malicious script has been injected.



Comments are closed.