Zero day flaw for Windows XP exploited2010-06-16 09:21 by DanielaTags: Windows XP
A zero day flaw in Windows XP that was outed last week by a Google engineer is being exploited. According to media friendly Graham Cluley, senior technology consultant at the insecurity firm Sophos a compromised website is serving an exploit of the bug in Windows' Help and Support Center to hijack PCs running Windows XP. Cluley has not identified the website, but said that the exploit is a classic drive-by attack that only requires a Windows XP user to visit it. Last week Microsoft listed two potential attack vectors for Windows XP and this was one of them. The other involved convincing users to open malicious e-mail messages. The flaw was first revealed by Tavis Ormandy, a security engineer at Google. He revealed the flaw only five days after reporting it to Microsoft. He said that he revealed the flaw because Microsoft would not commit to fixing the bug in 60 days, and even posted sample exploit code. Read more -here-
Post your review/comments
rate:
avg:
![]() ![]() ![]() ![]() ![]() |