|
0-day bug shatters Windows |
|
|
|
Submitted by actz
|
|
Monday, 06 November 2006 |
|
 Security researchers have identified an unpatched vulnerability in
Windows. The flaw - which affects all supported versions of Windows bar
Windows 2003 - resides in a security bug in Microsoft XML Core
Services, specifically an unspecified security bug in the XMLHTTP 4.0
ActiveX Control.
The flaw creates a means for hackers to inject malware onto the PCs
of surfers running IE who visit a website hosting malicious code that
attempts to harness the security bug. Security notification firm
Secunia says that the vulnerability is being actively exploited by hackers.
Source: The Register
|
