Bugs Exploits Dog XP SP2

Discussion in 'Submit News' started by kelston, Aug 21, 2004.

  1. kelston

    kelston Active Member

    May 10, 2003
    Likes Received:
    Trophy Points:
    "Meanwhile, security researchers are reporting a new vulnerability in SP2 that could allow a malicious Web site to deposit an attack program on a user's system.

    The attack utilizes Internet Explorer's drag-and-drop features and the Windows "shell folders" to copy an executable from a malicious Web site to a user's startup folder, from which it would execute the next time the user logged on. The researcher who reported the problem to security mailing lists provided proof-of-concept code that leaves a file named "malware.exe" in the user's startup folder."

    Source: eWeek

Share This Page