IE Hole Is Actually A "Feature"!

By Derek Sooman on
You will recall that last week security experts (man, what a cool job!) released evidence that there were certain vulnerabilities in IE and IIS 5.0 that could allow hackers to redirect browsers and download a keylogging trojan from a Russian website. We posted a story about a released fix, here.

Anyway, you will be interested I am sure to find out this security flaw is actually a feature that allows an ActiveX ADODB.Stream object to read and write files on a hard drive. [COLOR=#1951B9]Attackers used this "feature" to download copies of a keystroke logging trojan onto the unsuspecting browser user's computers.[/COLOR]

In addition to the fix, there is also now a workaround in progress, and rest assured Microsoft is currently thinking up more "features" for us as we speak.

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.