MS.IE.File.DragandDrop.Code.Execution
Description
This indicates an attack attempt against a code-execution vulnerability in Microsoft Internet Explorer.
The vulnerability is caused by an error when the vulnerable software handles a "drag and drop" event. It allows a remote attacker to execute arbitrary code if a specially crafted file were "dragged and dropped" and then clicked on by the victim.
Affected Products
Microsoft Internet Explorer 6.0 SP2 and earlier versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch released by the vendor:
http://www.microsoft.com/technet/security/Bulletin/MS04-038.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |