Saturday, July 31, 2004

IE Universal Exploit

Some people wish for code that runs on multiple systesm. Be careful
what you wish for! K-otic has
posted a "Universal" IE exploit that supposedly runs on Windows and Linux and gives you a reverse shell via IE.

Advice? Keep your patches up-to-date and configure your firewalls to only allow what you need to do on the Internet. In other words, limit browsing to high-port to port 80. It's not a perfect solution, but it will cut back on exploits like the above.