CNET News.com: "Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday.
The vulnerability lies in the way IE 6 handles certain graphics. Malicious software can be loaded, unbeknownst to the user, onto a vulnerable Windows PC when the user clicks on a malicious link on a Web site or an e-mail message, several security companies said.
'Fully patched Internet Explorer browsers are vulnerable,' Ken Dunham, director of the rapid response team at VeriSign's iDefense, said in an e-mailed statement. 'This new zero-day attack is trivial to reproduce and has great potential for widespread Web-based attacks in the near future.' "
No comments:
Post a Comment