Firefox 2/IE 7 animated cursor exploit on the way

IT Security
Software Patches
Software News
Microsoft Windows
Internet Explorer (IE)

In a column for ZDnet, George Ou reveals that security firm Determina plans to release a proof of concept animated cursor exploit that will allow attackers to hijack Mozilla 2 and IE7 running on Vista. An attack could allegedly be stopped by Microsoft’s DEP (Data Execution Prevention) in Windows XP SP2 and Vista but is confoundingly turned off by default in most Windows programs. Interestingly enough, IE7 has the advantage here, as Ou writes, “What’s interesting about this is the fact that Firefox doesn’t have the benefit of Protected Mode under Vista, which can somewhat mitigate the damage that can be done if Internet Explorer 7 is exploited by this vulnerability.” Determina is waiting for Mozilla to issue a patch before releasing the exploit code. As you will recall, Microsoft will be releasing a patch for the vulnerability today.

For more on the attack:
– see this ZDnet column


Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

What is 33 + 38?
To combat spam, please solve the math question above.