Spyware Sucks » Blog Archive » Important clarification re the Web View Folder Icon Integer Overflow vulnerability

Important clarification re the Web View Folder Icon Integer Overflow vulnerability

September 28th 2006 in Uncategorized

Despite all the headlines to the contrary, this is not an IE vulnerability, although IE is an exploit vector – it is a vulnerability in the Windows Shell – a subtle but important distinction (it just goes to show – always doublecheck what is being said, no matter who the source is – sorry Tony) [:(]

MS Security Advisory here – patch due by October 10
http://www.microsoft.com/technet/security/advisory/926043.mspx

Secunia and FRSIRT have released information about a new vulnerability:
http://secunia.com/advisories/22159/
http://www.frsirt.com/english/advisories/2006/2882

Comments are closed.

Secunia and FRSIRT announce IE vulnerability – Web View Folder Icon Integer Overflow

Note: despite all the headlines to the contrary, this is not an IE vulnerability, although IE is an exploit vector – it is a vulnerability in the Windows Shell.Edit: MS Security Advisory here – patch due by October 10http://www.microsoft.com/technet/security/advisory/926043.mspx Secunia and FRSIRT have released information about a new IE vulnerability:http://secunia.com/advisories/22159/http://www.frsirt.com/english/advisories/2006/2882My tests indicate that not only does the demonstration page crash Internet Explorer 7 […]

Secunia and FRSIRT announce IE vulnerability – Web View Folder Icon Integer OverflowPrevious Entry

McAfee Site Advisor in damage control after the release of the 3sharp report

As noted in this blog post, McAfee's SiteAdvisor scored an extremely low 3 out of 200 (putting them in last place) in the 3sharp antiphishing tools test released just the other day.McAfee are now crying foul. Shane Keats has posted to my blog, and to the IE blog, disputing the inclusion of McAfee's Site Advisor in the […]

McAfee Site Advisor in damage control after the release of the 3sharp reportNext Entry