Wednesday, November 11, 2009

drive by install... MS09-065.mspx

nasty one..

Allow remote code execution if a user viewed content rendered in a specially crafted Embedded OpenType (EOT) font.
Windows version is affected: windows 2000, xp,... 2008 server (windows 7 & server2008R2 not).
Meaning if a victim browse to attacker website using IE, the attacker can take control of the computer...



Post a Comment

Subscribe to Post Comments [Atom]

<< Home