Jump to content
xisto Community
Sign in to follow this  
r3d1405241470

Warning! Ie Xp Sp 2 Bugs for those who still use ie

Recommended Posts

A new win ie xp sp2 exploit, worser than ever.

"]....

Security experts have identified a modified exploit that can target computers running Windows XP SP2.

Although the exploit is tricky to perform, it combines two vulnerabilities in Internet Explorer 6 with a series of ActiveX exploits to break security settings in computers running SP2. It runs when a user moves a file or an image from one part of a Web page to another, but in the process the exploit downloads code to machines that circumnavigates Local Computer security settings in SP2.

....

Researchers at Danish security company Secunia have labelled the vulnerability as "highly critical" because it allows hackers to access local resources and bypass security features in Windows XP SP2.

"This is the most serious vulnerability for SP2 that we have the moment," said Thomas Kristensen. "The problem is that by exploiting this vulnerability in IE it's possible to drag a file into the local security zone and change the settings. On an SP2 system, this shouldn√Ęt be a problem, but it is still possible to bypass the security with an Active X control."

...

"It's a series of events you have to perform before you are able to bypass security settings," said Kristensen. "It is complicated. But they are several minor issues that can be compromised so it's possible to circumnavigate the security settings."


we expect that SP2 was supposed to tightly lock down the security issues with IE 6, but this was clearly a compromise in it security. The solution was to disable the drag-and-drop or copy-and-paste options on Internet Explorer and set the security level to "high" in the Internet zone.

Share this post


Link to post
Share on other sites

O_o;; I think it goes without saying that the bigger the corporation releasing the software, the more vulnerable it is. They can't be very efficient or secure with that large of a company, so they just do the best they can for as little money spent as possible.Which is why I'm not using IE, I'm using Firefox. ^_^

Share this post


Link to post
Share on other sites

i cant WTF are the IE experts doing....... More n more holes .. more n more patches to download.... i m feeling dizzy with this Windows..... I should have chosen linux on my COM

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.