Views: 1,771 So another IE 0-Day has been uncovered, and is in use in the wild for drive-by attacks on unwitting web users. I have to say, technically speaking, this attack is rather impressive – in terms of the exploit, the delivery method and the way that it runs. It retrieves the PE headers from […]
IE-security
Microsoft Investigates IE CSS Cross-Origin Theft Vulnerability
Views: 6,774 There’s a lot of circumstantial evidence surround this as Microsoft themselves haven’t clarified or publicly announced anything related to the CSS Cross-Origin Theft bug – but it seems fairly clear. Some media sources are quoting it as a ‘new bug‘ – which it isn’t, according to other sources it has been known about […]
Clever Attack Allows Theft Of Names & Addresses From IE & Safari
Views: 9,090 There has been some very clever attacks lately, especially involving browsers and the kind of data they can leak when probed the right way. The biggest press recently was generated by the history leak that occurs in most browsers. Another clever attack that got some coverage lately was tabnapping and the latest is […]
Microsoft Patches At Least 34 Bugs Including Pwn2Own Vulnerability
Views: 9,901 What a massive mother-load of patches Microsoft has unleashed on this month patching more than 34 security vulnerabilities including the fairly high profile vulnerability exploited at the Pwn2Own contest earlier this year in April. Good news as long as all the average Internet users actually use Windows Update and install the latest patches, […]
Microsoft Releases Out-Of-Band Patch For IE 0-Day Vulnerability
Views: 8,039 [ad] Ah Microsoft is treating this one seriously after France and Germany advised users to avoid IE. The current strain being exploited only targets IE6 users, but one security company has developed an exploit for IE8 which also bypasses DEP (Data Execution Prevention). It was rumoured this was the exploit used last week […]