A Blog for GraymadMusings about ASP.NET and more...by G. Andrew DuthieNews coming Monday...- July 14, 2004 In a little less than a week, I’ll have an announcement to make here…watch this space!http://weblogs.asp.net/gad/archive/2004/07/13/182679.aspx MS04-024: Vulnerability in Windows Shell Could Allow Remote Code Execution (839645)- July 13, 2004 Another example of why it’s a bad idea to run as an administrator on a day-to-day basis: This update resolves a newly-discovered, publicly reported vulnerability. A remote code execution vulnerability exists in the way that the Windows Shell launches applications. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting.http://weblogs.asp.net/gad/archive/2004/07/13/181964.aspx |