In a web-based attack scenario, an attacker would have to host a website that contains a specially crafted web page that is used to exploit this vulnerability.
Developers of the Metasploit framework for hackers and penetration testers have released a module that should exploit the vulnerability on machines running Windows, Apple OS X, and Linux regardless of the browser they're using.
Network Associates says the discovered vulnerability is actually quite difficult to exploit.
CNN: Technology - Security flaw discovered in Network Associates PGP software
That Mr Romney is not seen as a man of the people is one vulnerability Mr Obama's team will exploit.
When NSS tested alternative versions of the exploit that targeted the same vulnerability in software, Symantec only spotted 53%, less than more than half of the other products tested.
FORBES: Study Shows Programs Designed To Catch Hackers' Exploits Miss Nearly Half
Microsoft said it had decided to issue a patch early because attacks using the vulnerability had increased in intensity and code to exploit the flaw was known to be circulating widely.
President Obama's vulnerability on the Israel issue, which Romney wants to exploit, is on the emotional side.
Researchers at Independent Security Evaluators have used the vulnerability to take malicious control of the iPhone from rogue websites loaded with the exploit.
ENGADGET: Safari exploit gives hackers full control over iPhones and possibly PCs and Macs
Researchers note that the only way to stay safe is to check those URLs and only visit sites that you trust (which isn't very reassuring) and "may or may not be exploitable" from Mac and PC versions of Safari -- the same vulnerability exists only they haven't written the proof-of-concept exploit to test it yet.
ENGADGET: Safari exploit gives hackers full control over iPhones and possibly PCs and Macs
It is typically legal for someone to disclose a vulnerability, even when the disclosure could serve as a roadmap for criminals looking to exploit the flaw, said Ms. Granick.
But at least in the case of JailbreakMe 3, Allegra also created a patch for the PDF vulnerability he exploited, allowing users to cover their tracks so that other hackers couldn't exploit the same bug.
Symantec ends its post on the IE vulnerability by reminding website administrators that they, like the administrators of the hacked site used as a vehicle for this exploit, have a duty to keep their site from becoming a source of malware infections.
FORBES: Criminal Exploits Targeting New Bug In Old Internet Explorer Versions
应用推荐