A researcher over at the Internet Storm Center
has created a powerful GUI that will set the kill-bits on vulnerable ActiveX controls used in Facebook, Myspace
, and Yahoo apps
. These popular apps came under attack on Monday after researchers Elazar Broad and Krystian Kloskowski disclosed their findings to a online security newsgroup.
On Tuesday, exploits for the Yahoo apps were reported circulating. There is currently no patch from the individual vendors, so the only workaround is to disable the several specific, vulnerable ActiveX controls. (ActiveX controls were developed by Microsoft for use with Internet Explorer and other browsers.)
The SANS … Read more