http://ow.ly/14qOR
Researcher reveals how IE flaw can turn your PC into a public file server
In a live demonstration Wednesday at the Black Hat DC conference, a security consultant showed how it's possible to exploit a flaw in the Microsoft Internet Explorer browser to remotely read files on the victim's local drive, prompting a security advisory from Microsoft.
The flaw, said to extend across all versions of Internet Explorer, is not subject to a patching fix, according to Jorge Luis Alvarez Medina, the Argentina-based security consultant with Core Security Technologies who elaborated on the attack technique during his demo. Indeed, Microsoft advised anyone concerned about the potential for this type of attack to run IE in "protected mode," a workaround that Medina also advised.
I feel that with the pressure now on Microsoft to fix this, it will be fixed in the short term.
Researcher reveals how IE flaw can turn your PC into a public file server
In a live demonstration Wednesday at the Black Hat DC conference, a security consultant showed how it's possible to exploit a flaw in the Microsoft Internet Explorer browser to remotely read files on the victim's local drive, prompting a security advisory from Microsoft.
The flaw, said to extend across all versions of Internet Explorer, is not subject to a patching fix, according to Jorge Luis Alvarez Medina, the Argentina-based security consultant with Core Security Technologies who elaborated on the attack technique during his demo. Indeed, Microsoft advised anyone concerned about the potential for this type of attack to run IE in "protected mode," a workaround that Medina also advised.
I feel that with the pressure now on Microsoft to fix this, it will be fixed in the short term.