Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Important clarification re the Web View Folder Icon Integer Overflow vulnerability

September 28th 2006 in Uncategorized

Despite all the headlines to the contrary, this is not an IE vulnerability, although IE is an exploit vector – it is a vulnerability in the Windows Shell – a subtle but important distinction (it just goes to show – always doublecheck what is being said, no matter who the source is – sorry Tony)  [:(]

MS Security Advisory here – patch due by October 10
http://www.microsoft.com/technet/security/advisory/926043.mspx 

Secunia and FRSIRT have released information about a new vulnerability:
http://secunia.com/advisories/22159/
http://www.frsirt.com/english/advisories/2006/2882


Comments are closed.

Note: despite all the headlines to the contrary, this is not an IE vulnerability, although IE is an exploit vector – it is a vulnerability in the Windows Shell.Edit: MS Security Advisory here – patch due by October 10http://www.microsoft.com/technet/security/advisory/926043.mspx Secunia and FRSIRT have released information about a new IE vulnerability:http://secunia.com/advisories/22159/http://www.frsirt.com/english/advisories/2006/2882My tests indicate that not only does the demonstration page crash Internet Explorer 7 […]

Previous Entry

As noted in this blog post, McAfee's SiteAdvisor scored an extremely low 3 out of 200 (putting them in last place) in the 3sharp antiphishing tools test released just the other day.McAfee are now crying foul.  Shane Keats has posted to my blog, and to the IE blog, disputing the inclusion of McAfee's Site Advisor in the […]

Next Entry

Archives