Shortly after Microsoft caved in and released a patch for the VML exploit, they have new issues hot off the presses.
Another Office 0-day vulnerability has surfaced from the underground digital ocean, this time in Powerpoint.
Also, MSF has been updated to include the SetSlice() exploit. This vulnerability was released in HD Moore's MoBB on July 18th. Lets hope that a public exploit is enough to make Microsoft take this issue serious....and make the time to get it patched.
Perhaps a little less time attempting to fix the broken DRM is in order......but I doubt it will happen. Here is the equation for producing patches, it seems.
DRM = Money for MS
Active Public IE Exploit = Money for "Real Bad Guys"
Which would you fix first?
No comments:
Post a Comment