The link above is at eWeek, who seem to be doing a decent job of covering this as it begins to develop. If I were you, I would seek news of this elsewhere, as well, as it is unlikely any one site will have all the details correctly at once.
It's another of those pesky meta file holes. Proof of concept code is on the web and the attack is taking place, right now. Read about that here. And there is more to it than is evident now, so it behooves us to try to keep up as things progress. Needless to say, this is serious. Very much so. Microsoft even says so. You can read their advisory and recommendations for workarounds here.
And while you're at it, you probably ought to have a look at this which details how this vulnerability was sold on the underground market for $4K!
As long as I'm piling it on, here's another one guaranteed to ruin your dinner
Jack
No comments:
Post a Comment
All comments are moderated.
Note: Only a member of this blog may post a comment.