Previous Thread
Next Thread
Print Thread
Rate Thread
Joined: Nov 2002
Posts: 1,146
Likes: 1
Ice Offline OP
UGN News Staff
OP Offline
UGN News Staff
Joined: Nov 2002
Posts: 1,146
Likes: 1
Time is ticking for Microsoft to produce a patch for the two-week-old Bofra exploit. But Redmond is still investigating the problem

After more than two weeks of investigating the IFRAME Bofra exploit, Microsoft has yet to announce when it will be able to fix the problem.

The software giant was unable to provide any further answers to ZDNet UK as to when it expects to resolve the flaw for its customers. In a prepared email statement from the company, a spokesperson said: "Microsoft is actively investigating new public reports of a criminal attack, known as Bofra, attempting to exploit a vulnerability in Internet Explorer's treatment of an HTML element known as IFRAME."
The spokesman added that Microsoft is working to forensically analyse the malicious code in Bofra and "will work with international law enforcement to identify and bring to justice those responsible for this malicious activity".

The exploit affects Internet Explorer 6.0 on Windows 2000 and XP SP1. Computers running SP2 are said not to be affected by the exploit.

Earlier this week, several Web sites were hit with banner ad Bofra exploits that directed users to other sites and downloaded malicious code onto their machines.

Analyst company Gartner has predicted that hackers will increase their use of the banner ad attack because of its wide-spread effectiveness.

The software giant added: "Microsoft is taking this vulnerability very seriously; accordingly an update to correct the vulnerability is currently in development. We will release the security update when the development and testing process is complete, and the update is found to effectively correct the vulnerability."

Microsoft has attacked independent researchers who made the IFRAME flaw publicly available. Within a few days of its publication, hackers had created an exploit for the vulnerability.

The company said that people who believe they have been attacked should contact their local law enforcement agency.

ZDNET News


Good artists copy, great artists
steal.

-Picasso
Joined: Feb 2002
Posts: 7,203
Likes: 11
Community Owner
Offline
Community Owner
Joined: Feb 2002
Posts: 7,203
Likes: 11
I just love hearing about Gartner; as I worked there on the Microsoft Publisher research project, and the Gartner Technical Workshop research project wink


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner

Link Copied to Clipboard
Member Spotlight
Phatal
Phatal
Houston, TX
Posts: 298
Joined: April 2004
Forum Statistics
Forums41
Topics33,840
Posts68,858
Average Daily Posts1
Members2,176
Most Online3,253
Jan 13th, 2020
Latest Postings
Where and how do you torrent?
by danni75 - 03/01/24 05:58 AM
Animation,
by JohanKaariainen - 08/15/19 01:18 AM
Blackbeard.....
by Gremelin - 10/03/18 07:02 PM
my old account still exists!
by Crime - 08/10/18 02:47 PM
Okay WTF?
by HenryMiring - 09/27/17 01:45 AM
The History Thread...
by Gremelin - 08/11/17 12:11 PM
My friend NEEDS your HELP!
by Lena01 - 07/21/17 12:06 AM
I'm having fun with this guy.
by gabithompson730 - 07/20/17 01:50 AM
I want to upgrade my phone
by gabithompson730 - 07/20/17 01:49 AM
Doom 3
by Cyrez - 09/11/14 08:58 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666 - 08/22/14 09:21 AM
AIM scene 99-03
by lavos - 09/02/13 08:06 AM
Planetside 2
by Crime - 03/04/13 07:10 AM
Beta Testers Wanted
by Crime - 03/04/13 06:55 AM
Hello Everyone
by Gremelin - 02/12/12 06:01 PM
Tracfone ESN Generator
by Zanvin Green - 01/18/12 01:31 PM
Python 3 issue
by Testing - 12/17/11 09:28 PM
tracfone airtime
by Drache86 - 07/30/11 03:37 AM
Backdoors and the Infinite
by ZeroCoolStar - 07/10/11 03:52 AM
HackThisZIne #12 Releaseed!
by Pipat2 - 04/28/11 09:20 PM
gang wars? l33t-wars?
by Gremelin - 04/28/11 05:56 AM
Consolidate Forums
by diggin2deep - 04/21/11 10:02 AM
LAN Hacking Noob
by Gremelin - 03/12/11 12:42 AM
Top Posters
UGN Security 41,392
Gremelin 7,203
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Likes Received
Ghost 2
Cyrez 1
Girlie 1
unreal 1
Crime 1
Powered by UBB.threads™ PHP Forum Software 7.7.5