Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] New IE Bug Opens XP SP2 To Attack

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] New IE Bug Opens XP SP2 To Attack
Date: Mon, 19 Sep 2005 01:09:11 -0500 (CDT) 
http://www.informationweek.com/story/showArticle.jhtml?articleID=170704182

By Gregg Keizer 
TechWeb News 
Sept. 16, 2005

Microsoft's Internet Explorer browser sports a flaw that hackers could
use to launch a remote attack on Windows XP SP2, eEye Digital Security
said Thursday.

"The flaw is remotely exploitable," said Mike Puterbaugh, eEye's
director of product management.

Although eEye has notified Microsoft of the bug -- and Microsoft has
confirmed receipt of the report -- no patch is available. According to
eEye, that's not unusual: on average, Microsoft has taken 132 days to
patch holes that the Aliso Viejo, Calif.-based security vendor has
reported since February 2004.

eEye takes the unique step of logging its reports to Microsoft, then
showing the number of days since the vulnerability was confirmed by
the Redmond company. After 60 days, it considers a patch "overdue."

Internet Explorer, says eEye, has at least five other critical, but
unpatched, vulnerabilities, including ones reported 15, 46, 129, 134,
and 171 days ago.

Microsoft has been patching IE regularly, but is having trouble
keeping up with the browser's vulnerabilities. In August, it fixed
three bugs in the browser, and since the first of the year, has
patched IE five out of nine months.



_________________________________________
Attend ToorCon 
Sept 16-18th, 2005
Convention Center
San Diego, California
www.toorcon.org
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] New IE Bug Opens XP SP2 To Attack, InfoSec News <=
Previous by Date:  [ISN] Technology Experts: Local wireless networks at risk, InfoSec News
Next by Date:  [ISN] Bruce Schneier: Wrong on Katrina, Wrong on Terrorism, InfoSec News
Previous by Thread:  [ISN] Technology Experts: Local wireless networks at risk, InfoSec News
Next by Thread:  [ISN] Bruce Schneier: Wrong on Katrina, Wrong on Terrorism, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]