http://www.darkart.com/index.htmlHot News!eneric.hall+log@darkart.comCopyright 2007 Eric Hall2007-05-01T13:34:37-07:00 hourly 1 2000-01-01T12:00+00:00 Tue, 01 May 2007 13:39:20 -0700eric.hall+log@darkart.comHome2007-05-01T13:34:37-07:00http://www.darkart.com/people/eric/log/log_files/265bee65fc9c16446215fc65f932be9a-3.html#unique-entry-id-3http://www.darkart.com/people/eric/log/log_files/265bee65fc9c16446215fc65f932be9a-3.html#unique-entry-id-3released QuickTime 7.1.6 which includes a fix for said exploit. I think that's a pretty fast turn-around time, kudos to those who cranked it out.]]>eric.hall+log@darkart.comSecurity2007-04-28T22:48:30-07:00http://www.darkart.com/people/eric/log/log_files/85ae27e96d39cc7b0a6fd22f1771a6c4-2.html#unique-entry-id-2http://www.darkart.com/people/eric/log/log_files/85ae27e96d39cc7b0a6fd22f1771a6c4-2.html#unique-entry-id-2CanSecWest "PWN to OWN" contest. There's clearly a problem, there may or may not be an exploit in the (malicious) wild, and 3COM's Zero Day Initiative has the full information (which I fully expect they've shared with Apple by now). It'll be interesting to see how long it takes to fix this, and what exactly becomes public about how the exploit works. In the meantime, as it seems like browser Java is the vector used, I'm wondering how many people are now turning off Java in their browsers (and, of course, if that really matters).]]>eric.hall+log@darkart.comHome2007-02-25T19:42:51-08:00http://www.darkart.com/people/eric/log/log_files/5aeadfafb33c513a27815b5711b46482-0.html#unique-entry-id-0http://www.darkart.com/people/eric/log/log_files/5aeadfafb33c513a27815b5711b46482-0.html#unique-entry-id-0