http://www.theregister.co.uk/2005/12..._trojan_alert/
Why are people publishing flaws before a patch has been released. Theres no point quickly nocking up a patch for the problem you shouldn't break the dev cycle because someone wants some limelight and publicly discloses a bug!Hackers have created a range of Trojan programs which exploit a dangerous new Windows Meta File vulnerability. The vulnerability is rated critical, and so far, no patch has been issued.
The WMF vulnerability exists in computers running Microsoft Windows XP with SP1 and SP2, and Microsoft Windows Server 2003 and stems from a flaw in a utility used to view picture and fax files. The security flaw might be exploited by inducing victims to view maliciously constructed sites, particularly where IE is used as a browser, or when previewing *.wmf format files with Windows Explorer.
Its probably more a moral thing in my mind.


LinkBack URL
About LinkBacks
Reply With Quote

