October 4, 2003
Microsoft Plugs Browser Hijack Holes
By Ryan Naraine
Full Artical Here
Microsoft (Quote, Chart) on Friday rushed out a major cumulative patch to plug 'critical' holes in Internet Explorer (IE) that allowed attackers to hijack the browser or change DNS server settings.
In an unusual move, Microsoft issued an advisory late on Friday after security consultants warned that a QHosts-1 trojan was sneaking into PCs via unpatched Internet Explorer holes.Damn.....how many does that make this year alone??Microsoft also warned that an attacker could use its WMP media player to open URLs and run exploits.
[EDIT]Full Advisory HereMicrosoft Security Bulletin MS03-040
Cumulative Patch for Internet Explorer (828750)
Originally posted: October 3, 2003
Reply With Quote