Email Login| Link Exchange | Cyber News | Phishing Attack | SQL Injection | SEO | DOS Attack | Hacking Tools | |Hacking Tricks | Penetration Testing | Trojans & Keyloggers |Hacking Videos | General Discussion | Website Hacking | Session Hijacking | Social Engineering | Anonymous Surfing | Recover Passwords | Bypass Firewall | Hacking Books | Network Sniffers | Password Cracking | Enumerating & Fingerprinting | Movies & Songs

Learn How to Hack

Click Here to Learn Ethical Hacking From Amarjit Singh & Ajay Anand

Monday, March 1, 2010

Microsoft confirms zero day bug

Software giant Microsoft has confirmed it's investigating an unpatched Windows XP bug that allows hackers could exploit to plant malware on Windows XP machines running Internet Explorer.

Maurycy Prodeus, the Polish security analyst with iSEC Security Research announced on Friday that the flaw could be used by attackers to inject malicious code onto victims' PCs.

Those using Windows XP and IE7 or IE8 are at risk, Prodeus warned.

Redmond said that it is investigating the vulnerability involving the use of VBScript and Windows Help files within Internet Explorer.

Jerry Bryant, a senior manager with the Microsoft Security Response Center (MSRC) has confirmed that Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, are not affected.
He did say that Redmond has not seen the attack exploited yet.

The bug is a "logic flaw," which attackers could exploit it by feeding users malicious code disguised as a Windows help file. It then convinces them to press the F1 key when a pop-up appeared.

It is a bit tricky to pull off because the attacker needs to force a victim to visit a malicious Web page.

Other insecurity experts have confirmed that the exploit works.

SOURCE: TechEye

If you like this post and want us to post similar articles, Pls give us a feedback and leave a comment here
|
Geared by Amarjit Singh
For more articles similar to this post visit @ Microsoft Security Updates, Software Bugs

6 Visitor Reactions & Comments:

said...

amargeet singh is best he chat with me i can not beleieve it.wao amar you are very nice person. as i said to you that please make a fake login page for yahoo,live hotmail,and gmail please plssssssssssssssssssssss

March 1, 2010 9:02 PM
said...

@ Adnan

First of all my name is Amarjit Singh

;)

Regarding fake login page, try to create or find one for you. Will post it on my blog..so keep visiting.

For Gmail fake page, its already posted here. Visit below link

https://freehacking.net/2010/02/how-to-hack-gmail-account-passwords.html

March 1, 2010 9:38 PM
Ajay said...

Hi Amarjit
I read many articles from ur site...u r doing a rocking job..i wnt to know which language and os shud be learnt to be a master in hacking..thanx

March 2, 2010 2:16 PM
said...

@ Ajay,

Thanks..

Best OS is backtrack and then Linux

Backtrack is any hackers dream

download it here @ http://backtrack.offensive-security.com/index.php/Main_Page

March 2, 2010 2:35 PM
Anonymous said...

If the Microsoft knows the bug, then they should be removed the same. I think the day will never come when the Microsoft product has a zero bug.

Rgds,
Ravindra Dagar

March 3, 2010 10:13 AM
said...

Ha ha ha

Well said dude....

March 3, 2010 12:16 PM

Subscribe to: Post Comments (Atom)