Exploit for IE posted on web

March 27, 2007

Code to exploit a known flaw in Internet Explorer has been posted on the Milw0rm.com web site.

The code, which exploits a recently patched flaw in Microsoft’s browser, could be used to run unauthorised software on a computer that was not updated with the latest Microsoft patches. 

Security researcher HD Moore discovered the vulnerability in July 2006. A patch was issued by Microsoft in February but security researchers have warned that it will get more attention from criminals now the exploit code is publicly available.

According to researchers at eEye, the Milw0rm code works on IE6, but not on IE7. 


Post a comment

Your email address will not be published. Required fields are marked *

Visited 663 times, 1 so far today