Hi folks,
Just in from the official security alert org:
A real bad one!
Product: Microsoft Internet Explorer 6 and prior
Publisher: AusCERT
Operating System: Windows
Impact: Create Arbitrary Files
Execute Arbitrary Code/Commands
Access: Remote/Unauthenticated
Ref: ESB-2003.0775
PROBLEM:
A critical vulnerability in all current versions of Microsoft Internet
Explorer allows a remote attacker to plant executable files
anywhere on
the user's filesystem.
VERSIONS:
All current versions of Internet Explorer are vulnerable, up to and
including Windows XP systems with Service Pack 2 installed.
IMPACT:
An attacker can plant executable files anywhere on the user's
filesystem. This then allows remote execution of arbitrary code.
MITIGATION:
################### There are currently no patches available to
fix this vulnerability.
AusCERT advises users and sites running Internet Explorer to evaluate
their exposure to these vulnerabilities and to apply the following
mitigation to reduce the risk of exploitation:
o Disable Active Scripting and ActiveX in the "Internet" and "Local
Machine" domains.
####################o Use a different web browser.
### emphasis added by Himagain
Goodnight folks and especially Mrs Magillicuddy, wherever you are....
--
The Silver List is a moderated forum for discussing Colloidal Silver.
Instructions for unsubscribing are posted at: http://silverlist.org
To post, address your message to: [email protected]
Silver List archive: http://escribe.com/health/thesilverlist/index.html
Address Off-Topic messages to: [email protected]
OT Archive: http://escribe.com/health/silverofftopiclist/index.html
List maintainer: Mike Devour <[email protected]>
