[转载] !!! IE new hole, can run any command on your PC# Security - 系统安全
c*t
1 楼
【 以下文字转载自 Hubei 讨论区 】
【 原文由 cogt 所发表 】
That nasty IE hole the size of NY that let's anyone run any code they want on your computer... isn't as "patched" as you think. It turns out that Microsoft only disabled access to the ActiveX control that had one of the holes. The other issue, crossing
browser zones, which Microsoft has known about for months, is still unpatched.
And now, there is an exploit that takes advantage of it. It simply uses Application.Shell instead of ADODB.Stream (the ActiveX co
【 原文由 cogt 所发表 】
That nasty IE hole the size of NY that let's anyone run any code they want on your computer... isn't as "patched" as you think. It turns out that Microsoft only disabled access to the ActiveX control that had one of the holes. The other issue, crossing
browser zones, which Microsoft has known about for months, is still unpatched.
And now, there is an exploit that takes advantage of it. It simply uses Application.Shell instead of ADODB.Stream (the ActiveX co