A working exploit of a critical Microsoft patch has been put together, three hours before the patch was available on Microsoft's Patch Tuesday. Immunity Inc., a Miami Beach, Florida-based security and consulting firm, has published a working exploit for the Vector Markup Language (VML) vulnerability, outlined in the MS07-004 security bulletin. The VML flaw affects Windows 2000 and Windows XP-powered PCs running Internet Explorer 5.01, 6.0, and 7. Since active exploits are already in circulation, deploying this patch should be priority for both users and enterprises. By simply luring users to a malicious Web site, hackers can gain control of a user's PC.
News source: CRN
-1 Comments - Add comment