![]() ![]() ![]() Or go to the expense of buying a cert, for distribution – which is not as hard for malware authors as it used to be. frx) and generate a self signed certificate for themselves. You would have to export the form, get another user to install both files (.frm and. Poster NetDef on the AskWoody Lounge puts it this way: You can create a Form that exhibits the problematic behavior-but it isn’t at all clear that you can infect somebody else. The technique described in the blog is not a software vulnerability and can only be leveraged using an account that has already been compromised by another method.Īs best I can tell, that’s correct. The Register approached Microsoft with that question and received this reply: Are we looking at a long-standing security hole in Outlook? The greater question is whether this particular approach can be used to compromise PCs. That’s not great, but in and of itself it’s a relatively minor problem, which hinges on the definition of “all other macros.” Sensepost explains that the VBScript engine is “separate from the VBA Macro script engine.” Is a VBScript script inside a Form really a macro? You decide.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |