Windows SP2 security compromised
A security researcher claims to have crafted a simpler version of an exploit that could compromise a Windows system patched with SP2.
The exploit, discussed in a Saturday message to the Bugtraq security mailing list, is based on an exploit first disclosed in October. That exploit used two vulnerabilities in IE 6, in combination with an inappropriate behavior in the ActiveX Data Objects model, to compromise an SP2-patched system.
By Matthew Broersma at PC World.
[ Read more ]