Tuesday, October 16, 2007

Researcher posts unofficial patch for Windows bug

A researcher beat Microsoft Corp. to the patch punch yesterday by publishing an unofficial fix for a critical flaw in Windows XP and Server 2003 on PCs with Internet Explorer 7. KJK::Hyperion, a.k.a. "Hackbunny," a researcher believed to live in Italy, posted a link to the 16KB patch on both his Web site and the Full Disclosure security mailing list Sunday. KJK’s patch, dubbed "ShellExecuteFiasco," blocks the execution of malformed URLs and forces normalization of valid URLs. URL normalization, which can include tasks such as changing a URL to all-lowercase and stripping out the "www" part of the address, is a technique used by search engines to reduce indexing of duplicate pages.

Read the article HERE.

0 Comments:

Post a Comment

<< Home