Douglas Schweitzer

The Security Sector

Find this hidden (but published) code

TAGS:flaw, Raff, software
IT TOPICS:Security

I suppose Aviv Raff was right when he decided to go public with his finding of a Microsoft software flaw. According to Robert McMillan's article 0day treasure hunt, Raff discovered a 0day vulnerability for which he embedded a proof-of-concept code in his blog.

If you're running IE 7 and IE 8, an attacker could feasibly run unauthorized software on your computer. Raff notified Microsoft and when they didn't immediately patch the software, he decided to go public. Granted, Raff didn't give them much time to respond, but I guess this'll prompt them to perhaps drum up a patch more quickly.

Maybe his methods aren't conventional, but you gotta admit, he's thinking outside the box.

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Microsoft's newest partner: Russia's Vladimir Putin

EFF slams Apple patent as traitorware: Jobs is spying on you?

Can the feds buy their way to better cyber security?

DEMO 09: Getting smart

Today's Top Stories

Essential browser tools for Web developers

Hands on: The new iPad

Microsoft cuts the prices of some Office 365 plans

Google works to overhaul its search

Mozilla will start Firefox silent updates in June

Preston Gralla: Big backlash is building against Windows 8. Will Microsoft listen?

Hot Posts

Google wins again vs. Oracle: No patent probs.

Posted by IT Blogwatch |

Apple iPhone 5 -- fresh reports claim 4-inch display

Posted by Jonny Evans |

London's flying cameras spy shoelaces nearly a mile away; Will drones in the USA?

Posted by Darlene Storm |

Free Insider Guide

Excel 2010 Cheat Sheet: Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Security White Papers

2011 FFIEC Authentication Guidance: A New Standard For Online Banking Security: This whitepaper provides an overview of the updated Guidance and the threat landscape which helped define it, examines why previous security measures are...
Backup & Recovery for VMware Environments with Avamar 6.0: This paper highlights several new features within EMC Avamar 6.0 that specifically target and advance the capabilities and performance of VMware data protection.
Driving Security in a Hybrid Cloud Environment: This paper examines recent IDG research among IT leaders, who share their concerns and strategies in addressing security in cloud computing environments.

Security Webcasts

Operational Decision Management for Improving Governance, Risk and Compliance: How to rapidly adapt automated decisions to ever changing market and regulatory environments: Date: Monday, September 26, 2011, 11:00 AM EDT

In this webcast you'll learn how your organization can become more responsive to financial market challenges...
Kill the Laptop! Its Corporate Days Are Numbered: "Kill the Laptop" - The evolution of chips, computing power, connection speed, and the cloud is leading to the fall of laptops and...
The Top Ten Secrets to Avoiding SAN Performance Problems: Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...

IT Newsletters

Get the latest technology news and analysis on critical issues in the enterprise.

Find this hidden (but published) code

Related Posts

Today's Top Stories

Hot Posts

Douglas Schweitzer's Archive

IT Topics