Hey Hey,

This is somewhat old news now.... HDM's tool was released a month or two ago and the reason it's making the news now is because of his talk at CanSecWest and the recent microsoft patches for many of the problems..

You can read more about HDM's talk at Timothy Keanini's (TK) (who was quoted in the article that f2b posted) blog entry @ http://blog.ncircle.com/archives/200...stcore0_5.htm. (Although I might be a little biased in all of this )

You can play with the tools in question at:
http://metasploit.com/users/hdm/tool...i/hamachi.html
http://metasploit.com/users/hdm/tool...ie/cssdie.html

They are quite interesting tools and fun to play with.. especially if you've got a junky little browser that no one ever worries about..

HDM also has an interesting blog entry on Browser fuzzing and how there's been tools around since 2004... you can read it @ http://metasploit.********.com/2006/...nd-profit.html

Browser fuzzing is some pretty cool stuff... actually fuzzing any application is pretty cool stuff....

Peace
HT