FAQ: What you should know now about the latest IE VML bug


What's the problem? A vulnerability newly discovered in Microsoft Internet Explorer could allow an attacker to take over a targeted machine even a machine whose patches are all up to date.

What's it called? The Common Vulnerabilities and Exposures list tentatively designates this vulnerability as CVE-2006-4868. McAfee calls it Exploit-VMLFill; Trend Micro calls it EXPL_EXECOD.A; Symantec calls it Trojan.Vimalov, reflecting its probable Russian origin. SecurityFocus assigns it a Bugtraq ID of 20096. FAQ: What you should know now about the latest IE bug

Linked by shanmuga Wednesday, 20th September 2006 11:41PM