|
|
|
|
|
|
by servowire
4238 days ago
|
|
|
The attack vector is a bit vague, and I'm not sure how to bring this news to some of my clients. Is the exploit only for when running services on/to the internet (IIS, Exchange webmail, etc - ) , or is visiting an https (TLS) website on and end-user enough to make the exploit happen (even in Firefox/Chrome and behind a tradional proxy server). Sadly Microsoft does not explain the exact parameters that make this exploit tick - this makes risk assessment hard. |
|
|
See more: http://adi.is/winshock.txt