Thursday, March 29, 2007

Microsoft confirms Windows zero-day, drive-by exploits

Microsoft confirms Windows zero-day, drive-by exploits by ZDNet's Ryan Naraine -- [UPDATE: March 29, 2007 @ 1:15 PM Eastern] Microsoft has confirmed that this is indeed a zero-day flaw that will require a security update. Although Internet Explorer is the primary attack vector, this is a vulnerability in the way Windows handles animated cursor (.ani) files. From Redmond's security advisory: The threat is caused by insufficient [...]

No comments: