Cursor hole puts Windows PCs at risk

TalkBack 6 of 12:

Next »

« Previous

• Thread View
• Flat View

Not an IE flaw at all

Did you read my post? There are numerous ways this flaw could be exploited by other programs, that don't involve IE at all. Thus the flaw is not in IE.

IE is an *attack vector*, but that is different than being the place where the flaw exists. If there's a flaw in Windows' code that draws dialog boxes on the screen, is it an IE flaw too because IE uses dialog boxes? No.

Admin privileges have nothing to do with whether a flaw exists or where it exists. Regardless of whether you are an administrator or a limited user (or in Protected Mode in Vista), this flaw lets the attacker run some code on your machine. Now, what that code can actually succeed in doing, depends on your privilege level. If you're an admin, that code can try to modify the system, and it will be successful. If you're not, the code will still try, but it will fail. If you're a limited user, it can successfully modify your user settings/files. If you're running in Protected Mode in Vista, it can't access anything except for your internet cache.

Posted by: PB_z   Posted on: 04/01/07 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
• Reducing Server Total Cost of Ownership with VMware Virtualization Software VMware VMware virtualization enables customers to reduce their server TCO and ... Download Now
• VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now