Swa Frantzen is manning the SANS Internet Storm Center, InfoCON: green desk today, and struggles to work out the exploit Microsoft documents without admitting in MS06-053 revisited ?, (Thu, Oct 5th). "When we first read MS06-053 we ended up discussing and not fully understanding what Microsoft was..." (more)... The article explores what appears to be an IE cross-site scripting exploit but with the character set UTF-7 (yes, seven! - who knew!) and some advice to webmasters to help avoid spreading the problem by echoing a bad URL back to the user.
9:54:58 AM 
|
|
