NEW Windows XP Security Hole

September 23rd, 2006

Yep you guessed it right based on that title, another Windows flaw. I posted about this also on the Rsbandb forums. There is one thing about this one, that is it has not had much coverage yet.

A zero-day exploit, makes it possible for any web site (or HTML email) to take over a Windows machine, even if it’s been fully patched.

http://www.twit.tv/sn58

There is no official patch yet from Microsoft.

You can however get a patch put out by ZERT - Zeroday Emergency Response Team.

You can find instructions for the patch and how to test if your vulnerable at this page.

You can find out more about this Security Now episode here, and get info to download it at TWiT.tv if you want.

It’s a good idea to patch it even if you don’t use Internet Explorer as your browser because some of you guys will use Outlook Express or Outlook which uses IE behind the scenes to display HTML email.

Now we just have to wait to see if Microsoft patches this before patch tuesday in October (second tuesday of the month). Or they may not patch it at all… But lets hope they do.

S12088

Posted by Shane12088 Tags: , Comment now »