微软说,为了利用这个安全漏洞,黑客必须欺骗用户访问一个装载了恶意代码的网站。
To exploit the security hole, hackers must trick users into visiting a Web site loaded with malicious code, Microsoft said.
这包括若干安全增强,例如关闭脚本漏洞和欺骗保护。而且,大部分增强不会影响您的工作,除非您正打算编写恶意代码。
Several security enhancements are included, from closing script vulnerabilities to phishing protection, but most of them won't affect your work unless you happen to be writing malicious code.
这个让罪犯在受害者电脑上运行恶意代码的漏洞,于2008年首次被发现,并已用于黑客竞赛。
The hole, which potentially allows criminals to run malicious code on their victim's computers, was first discovered in 2008 and has been used in hacking competitions.
按需脚本可能包含打算攻击XXS等安全漏洞的恶意代码。
On-demand scripts can include malicious code aimed at exploiting security vulnerabilities such as XSS.
通过确保按需脚本被验证并确保从那些脚本生成的内容被适当编码以阻止恶意代码的执行,您可以避免这类漏洞。
You can prevent this vulnerability by ensuring that on-demand scripts are validated and that content generated from the scripts is encoded properly to prevent execution of malicious code.
主要研究方向:信息安全,软件漏洞分析与检测,恶意代码分析与防范。
Research Interest: Information security, Vulnerability analysis and detection, Malware analysis and prevention.
主要研究方向:信息安全,软件漏洞分析与检测,恶意代码分析与防范。
Research Interest: Information security, Vulnerability analysis and detection, Malware analysis and prevention.
应用推荐