Ooops, they did it again…
A whole new hacking style was discovered due to the complete incompetence of Microsoft’s engineers. When will they understand that security means the opposite of trust?
You can choose whatever framework you want (Java, .NET, ActiveX) build a simple program and have total control of the user’s machine in seconds. All that because our beloved Windows browsers trusts Microsoft’s technology only too much. And worse, the Windows kernel trusts Microsoft’s browsers and .NET too much too!
ActiveX attacks are not new, IE has an extensive history of huge holes through their magnificent piece of crap. Rendering Windows’ security hopeless is also not new, Outlook for decades gave hackers a free feature of one-click-exploit ™ but this is completely crazy.
No matter which way you go, what framework you use and what path you take, total control of the machine is a few clicks away. Worse still, as this confidence in crap dates back from Windows 2.0, I wouldn’t be surprised if they find they can do the same on all versions of any software (ahem…) they’ve produced so far, including DOS 1.0!!
Oh well, you can’t say you didn’t know, can you?