[Population: One] <A HREF="http://popone.innocence.com/ar

Feb. 16th, 2004 12:52 pm
bryant: (Default)
[personal profile] bryant

Vernor Vinge was right. Again.

There is a vulnerability in Internet Explorer 5 that can be triggered by loading a bitmap image. No Javascript, no ActiveX, nothing fancy. You load the bitmap, and arbitrary code runs on your system. Or you load a page with the bitmap embedded in it. And it’s not a particular bitmap, it’s a general technique.

If you are currently browsing the Internet with Internet Explorer 5, you can be owned at any moment.

Reminder to self: code is data is code is bits. It’s all binary at the bottom.

  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

additional reminder to yourself:

Date: 2004-02-16 07:11 pm (UTC)
From: [identity profile] colubra.livejournal.com
when code you are running is upgraded with the specific statement that this code is being upgraded for security reasons (as the link you supply only relates to IE5, and current version's IE6), UPGRADE THE VERSION OF THE CODE YOU'RE RUNNING.

Surely the Slammer worm taught us this about a year back? Right? Didn't it?

...yeah.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

bryant: (Default)
bryant
Innocence Consulting

May 2026

S M T W T F S
     12
3456789
10111213141516
1718192021 22 23
24 252627282930
31      

Most Popular Tags

Page Summary

Active Entries

Style Credit

Expand Cut Tags

No cut tags
Page generated May. 26th, 2026 09:24 am
Powered by Dreamwidth Studios