Technically Speaking

“Description:
http-equiv has reported a vulnerability in Windows XP, which can be exploited by malicious people to compromise a user’s system or gain escalated privileges.

It is possible to construct a malicious folder containing both script code and an executable file. This can be exploited to make Windows Explorer execute code automatically on a user’s system if the user is tricked into opening the folder.

A PoC (Proof of Concept) exploit is available.

Solution:
There’s no proper solution available at the moment.

Grant only trusted users access to affected systems. Don’t open untrusted folders. Use updated AV software.”

This entry was posted on Wednesday, January 28th, 2004 at 11:22 pm and is filed under Tips and Tricks. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.