Bugs, Exploits Dog XP SP2

kelston · Aug 21, 2004, 02:06 AM

"Meanwhile, security researchers are reporting a new vulnerability in SP2 that could allow a malicious Web site to deposit an attack program on a user's system.

The attack utilizes Internet Explorer's drag-and-drop features and the Windows "shell folders" to copy an executable from a malicious Web site to a user's startup folder, from which it would execute the next time the user logged on. The researcher who reported the problem to security mailing lists provided proof-of-concept code that leaves a file named "malware.exe" in the user's startup folder."

Source: eWeek

Aug 21, 2004, 02:06 AM	#1
kelston HardwareHeaven Addict Join Date: May 2003 Location: Bayside, NY USA Posts: 360 Rep Power: 0	Bugs, Exploits Dog XP SP2 "Meanwhile, security researchers are reporting a new vulnerability in SP2 that could allow a malicious Web site to deposit an attack program on a user's system. The attack utilizes Internet Explorer's drag-and-drop features and the Windows "shell folders" to copy an executable from a malicious Web site to a user's startup folder, from which it would execute the next time the user logged on. The researcher who reported the problem to security mailing lists provided proof-of-concept code that leaves a file named "malware.exe" in the user's startup folder." Source: eWeek