Attack code out for 'critical' Windows flaw


Computer code that exploits a security vulnerability in Windows has been published on the Internet, making it more urgent for users of the operating system to patch.

The attack code exploits a flaw in the way Windows handles Vector Markup Language, or VML, documents, which are used for a type of high-quality graphic on the Web. The bug lies in a Windows component called "vgx.dll" that supports these files.

Microsoft provided a fix for the flaw last week with security bulletin MS07-004. At the time, the company warned that it had already seen limited cyberattacks exploiting the vulnerability. However, attack code hadn't been available publicly. On Tuesday, exploit code was published to a widely-read online security forum. Attack code out for 'critical' Windows flaw | CNET News.com

Linked by shanmuga Tuesday, 16th January 2007 11:50PM