Critical Windows bug exploit code goes public
Code that exploits a critical Windows vulnerability disclosed and patched last week has been posted to a public mailing list, raising the risk of an attack, security vendors said Wednesday.
The exploit code, which appeared on the Bugtraq list Tuesday, targets a flaw in Windows' Vector Markup Language rendering that was patched Jan. 9 in Microsoft's monthly security update. VML, an extension of XML that defines Web images in vector graphics format, had been patched before this month; in September 2006, for example, Microsoft issued a fix outside its normally scheduled cycle.
[ Read more ]