From the report:
Based on testing done in Windows XP SP2 with the latest version of Yahoo! Messenger (8.1.0.421) using the said DLL component, programs or Web sites using the CLSID related to the said DLL can download files from the Internet. Users can be led to malicious/non-malicious sites that will first prompt for an ActiveX warning. When users allow the said ActiveX component to execute, FT60.DLL downloads files specified by the program or Web site.
It will be hard to lead a user to a Web site and then fool the user into allowing an unknown ActiveX component to run. But it can be done. Users are advised to be careful when clicking on links sent via IM or installing applications from untrusted sources.
Whether malware will leverage this remains to be seen.