Room362.com

Blatherings of a security addict.

Microsoft Ignores Another 0 Day 'Feature'

| Comments

Today I saw on Bugtraq a new 0 day coming that affects all up to date versions of windows. The most extraordinary part of this, and similar disclosures, is their workarounds. Since Redmond has decided not to patch, until a later date, it is up to the discloser or a likeminded individual to figure out how to protect the masses. Guess what ends up being the fix? “Disable said Microsoft FEATURE”. Imagine that. For more information you can refer to:

http://readlist.com/lists/securityfocus.com/bugtraq/1/9704.html

This exploit only affects you if you navigate to a site (or what looks like a site) and drag and drop something. You have been warned.

jd.

Comments