Friday

HOLES

HOLES IN THE BROWSER ActiveX a glance at the list of security holes shows that almost all attacks concentrate on plug-ins an not on the browser Program. However mean that Microsoft doesn't have to do anything about weak spot. Since its very inception, the ActiveX system has been vociferously criticized b security experts, the biggest peeve being that ActiveX plug-ins have too many rights to the host system a hacker happens to find a loophole, the chances that he can gain complete access to the operating system through it are high. Hackers find such loopholes by chance or if they have a good nose of vulnerabilities. A lot can be learned by observing how the plug in accesses the system while running.
WINDOWS SHARED LIBRARIES The second Biggest problem that internet Explore faces is the “Shared Libraries”(DLLs). These are resource libraries that can be re used over several instances and situation. Ex a function can be stored in a DLL file to run a routine that simply display GIF images. This function can then be used by every program that need to display GIFs, without having tho re-write it across several programs.
If a hacker finds a weak spot in a DLL, it will also affect IE when it uses that DLL file. Advantages hacker a manipulated GIF file with a Trojan is suitable for infections several programs .The easisest way to go about its is to present the Trojan as part of a website that would cause the browser to use that DLL file .as soon as a user opens the websites,the PC gets infected.

THE USER User himself the most powerful weapon in the hands of the hacker. User unknowingly run malicious programs ,there will continue to be hackers who devise ways to make them do that .ex Window XP service pack 2 post its release, plug ins cannot be installed automatically in IE. Since then hackers have been supplying malicious plug-ins on popularity visited download sides with convenient installation instruction.

Shop

Wolf - 150 x 150

Dmoz

Comments