15 comments

[ 4.7 ms ] story [ 16.7 ms ] thread
The image on that article really confused me.
Same. I was waiting for the article to mention how an IE bug led to a drive by shooting.
Don't worry, Inori Aizawa will stop them.
We'll see what happens at the next comiket.
Can anyone say (technically) what these attacks are so I can avoid reading that fluffy article?

edit: I know it is a short article.

It's the recent TIFF code execution bug found in Office 2010 and earlier. See https://news.ycombinator.com/item?id=6678957 for discussion.
That, plus a separate exploitable hole in IE/Windows.

> The vulnerabilities in various configurations of IE versions 7, 8, 9, and 10 running on Windows XP and Windows 7 are separate from the Microsoft Windows and Office graphics flaw that's also under active exploit at the moment.

> One flaw allows attackers to access and control computer memory, and another leaks system information needed to capitalize on the first bug.

> The attackers embedded the exploit code directly "into a strategically important website, known to draw visitors that are likely interested in national and international security policy," the researchers wrote.

Anyone know which site they're referring to?

The more I see stories like this, the more I'm convinced, truly security conscious people should be browsing the web in Lynx.
telnet port 80 or bust
(comment deleted)
Ah, yes, well that too ;)
The truly paranoid can go hard core: telnet 443
This is the first I've heard about EMET. Can any of our resident security gurus comment on whether it's worth installing?