Windows IE exploit found after source code leak

I must admit this happened much quicker than I thought it would :- see these articles on the Register and Security tracker – apparently an exploit for a buffer overrun problem in IE *5* has already been released – supposedly discovered by reading the leaked windows source code.

I’m curious as to whether this source code leak will be a “good thing” for windows in the long run, or will end up highlighting so many possible areas for exploits in Windows that MS gets an impossibly hard time…

Join the conversation

2 Comments

  1. Hmm. Unless I”m misinterpreting the article, doesn”t it talk about two exploits – one related to the source code leak exploiting a buffer overrun problem in the way IE 5 handled bitmaps, and the other – a program that exploits the ASN problem?

    Plus, the Security Tracker website talks about the flaw supposedly being found in "win2k/private/inet/mshtml/src/site/download/imgbmp.cxx" – eg… a specific file in the source tree?

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.