[Population: One] <A HREF="http://popone.innocence.com/ar

Feb. 16th, 2004 12:52 pm
bryant: (Default)
[personal profile] bryant

Vernor Vinge was right. Again.

There is a vulnerability in Internet Explorer 5 that can be triggered by loading a bitmap image. No Javascript, no ActiveX, nothing fancy. You load the bitmap, and arbitrary code runs on your system. Or you load a page with the bitmap embedded in it. And it’s not a particular bitmap, it’s a general technique.

If you are currently browsing the Internet with Internet Explorer 5, you can be owned at any moment.

Reminder to self: code is data is code is bits. It’s all binary at the bottom.

  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

additional reminder to yourself:

Date: 2004-02-16 07:11 pm (UTC)
From: [identity profile] colubra.livejournal.com
when code you are running is upgraded with the specific statement that this code is being upgraded for security reasons (as the link you supply only relates to IE5, and current version's IE6), UPGRADE THE VERSION OF THE CODE YOU'RE RUNNING.

Surely the Slammer worm taught us this about a year back? Right? Didn't it?

...yeah.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

bryant: (Default)
bryant
Innocence Consulting

April 2026

S M T W T F S
   1234
567891011
12131415161718
1920 2122232425
2627282930  

Most Popular Tags

Page Summary

Active Entries

Style Credit

Expand Cut Tags

No cut tags
Page generated Apr. 24th, 2026 06:53 am
Powered by Dreamwidth Studios