Microsoft takes over two months to plug nasty little hole: "GREYMAGIC SECURITY has released details of a critical hole in versions of Windows Explorer that was discovered back in January.
The company says it told the Vole about the hole back at the beginning of February but the software monopolist stiil hasn't done anything about it.
The advisory, here, details how an attacker may execute any command as the logged-on user simply by having the user select a file. Executing the file is not required for exploitation, all it takes is selecting an innocent-looking file - maybe to delete it. The exploit applies to certain versions of Windows 2000."
Un blog di Paolo Attivissimo, giornalista informatico e cacciatore di bufale
Informativa privacy e cookie: Questo blog include cookie di terze parti. Non miei (dettagli)
Prossimi eventi pubblici – Donazioni – Sci-Fi Universe