ActiveX bug resurfaces
Summary: It hasn't been a great week for security... has it?
Yet another potentially devastating flaw inherent to Microsoft's Web language ActiveX has been revealed on SecurityForum's message-board "Bugtraq". The latest opening allows the kernel of Windows 98 or Windows NT computers to be permanently deleted from an applet embedded in a Web page.
Although Microsoft has already released a fix for the problem which makes it possible for a user to overwrite the kernel of a Windows 98 or Windows NT machine at the touch of a button, millions of users remain at risk according to Bugtraq.
Saul Hazledine, a regular contributor to Bugtraq, highlighted this latest exploit. There is also a fully working example posted on this Web page. This page should not, however, be visited without due care. Unless the ActiveX controls in Internet Explorer are de-activated, the links it contains have the potential to do serious damage to anyone using Windows 98 or Windows NT.
Take me to Hackers
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback