IBM has discovered a security breach that has been around since Windows 95 and IE 3.0.
Visual Basic Script (VBScript) was introduced to IE as of version 3.0 and since then this breach has existed and it exploits the Windows OleAut32 library.
And make no mistake; this is a serious one since IE3.0 and all versions of Windows, including Windows 8.1 are affected.
On the "Common Vulnerability Scoring System" scale from 1-10 Microsofts rates this as a 9,3!
Naturally this is not good for persistent Windows XP users, who do not get these patches anymore (even if there are ways around that).
Basically your Windows box can be fed with dangerous code by tricking you to enter an address in the browser.
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user, so you better not do all your work as admin
There is no evidence that this has ever been exploited by hackers.
How to avoid it?
Just don't use Internet Explorer - that should be enough.
More here
19 Year old security breach discovered
Moderators: b1o, jkerr82508
19 Year old security breach discovered
Manjaro 64bit on the main box -Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz and nVidia Corporation GT200b [GeForce GTX 275] (rev a1. + Centos on the server - Arch on the laptop.
"There are no stupid questions - Only stupid answers!"
"There are no stupid questions - Only stupid answers!"
Re: 19 Year old security breach discovered
viking60 wrote:How to avoid it?
Just don't use Internet Explorer - that should be enough.
Or quit MS altogether, simple enough