You will recall that last week security experts (man, what a cool job!) released evidence that there were certain vulnerabilities in IE and IIS 5.0
that could allow hackers to redirect browsers and download a keylogging trojan from a Russian website. We posted a story about a released fix, here
Anyway, you will be interested I am sure to find out this security flaw is actually a feature
that allows an ActiveX ADODB.Stream object to read and write files on a hard drive. [COLOR=#1951B9]Attackers used this "feature" to download copies of a keystroke logging trojan onto the unsuspecting browser user's computers.[/COLOR]
In addition to the fix
, there is also now a workaround in progress
, and rest assured Microsoft is currently thinking up more "features" for us as we speak.