####################
A newly discovered vulnerability in Windows XP Service Pack 2 that could allow a malicious Web site to deposit an attack program on a user's system.
ADVERTISEMENT
The attack utilizes Internet Explorer's drag-and-drop features and the Windows "shell folders" to copy an executable from a malicious Web site to a user's startup folder, from which it would execute the next time the user logged on. The researcher who reported the problem to security mailing lists provided proof-of-concept code that leaves a file named "malware.exe" in the user's startup folder.
http://www.eweek.com/article2/0,1759,1637609,00.asp
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings] [Donations and Support]
