Channel Marker

Mar 28 2007   3:08PM GMT

Attack scripts available for IE flaw

Brein Matturro Profile: Brein Matturro

Full exploit code” has been published that would let attackers cut-and-paste their way to an effective assault on Internet Explorer installs, according to a report Monday from Websense Security Labs.

Microsoft reported Feb. 13 that the flaw – known since February to affect the ADODB.Connection ActiveX control in the Microsoft Data Access Components  – would allow attackers to hijack targeted machines.

Security services providers and IT administrators who have not yet updated their IE installations can download the patch from Microsoft.

The flaw was discovered last July by Metasploit Framework creator H.D. Moore. Separatelym Moore announced Tuesday that version 3.0 of his popular penetration testing tool is now available.

The original version of this story appeared on TechTarget sister site SearchSecurity.com.

     —Kevin Fogarty

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: