Exploit code for a new flaw in Internet Explorer could put systems at risk of remote attack, security experts warned Monday.
The exploit code, made public Monday, aims to take advantage of the “extremely critical” vulnerabilities in IE 5.5 and IE 6 running on XP Service Pack 2 (SP2), and IE 6 running on Windows [...]

Posted in Windows Products No Comments »

Can crash msn and execute commands
Windows has a buffer overflow vulnerability in the processing of embedded ICC Profiles
inside images (jpeg, tiff, etc…)
To test – create a jpeg in adobe photoshop and save it with the ICC checkbox enabled,
make sure you set it to RGB (that does not really matter, just so you can find which
bytes [...]

Posted in Windows Products No Comments »

Microsoft warns of unpatched IE flaw
By Dawn Kawamoto, CNET News.com
Published on ZDNet News: July 1, 2005, 8:55 AM PT
Microsoft has issued a security advisory for Internet Explorer, after a research firm published a working exploit to demonstrate how attackers could take advantage of the flaw.
The vulnerability, discovered by SEC Consult, mean that attackers could cause [...]

Posted in Windows Products No Comments »

John Heasman of NGSSoftware has discovered a high risk vulnerability in
RealPlayer for Windows.
Versions affected include:
RealPlayer 10.5 (6.0.12.1040-1069)
RealPlayer 10
RealOne Player v2
RealOne Player v1
RealPlayer 10.5 (6.0.12.1212) is NOT affected.
The flaw permits the overwriting of a local file or execution of an ActiveX
control via a malformed MP3 file.
The patch can be downloaded from
http://service.real.com/help/faq/security/050623_player/EN/
NGSSoftware are going to withhold details [...]

Posted in Exploits and Bugs, Windows Products No Comments »