Question to everyone:
Is it feasible to write an effective network-only check for the latest IE6
VML vulnerability?
My response thusfar is no, primarily because I think there are many
different ways one could mask traffic to exploit the vulnerability. Perhaps,
more fundamental, is the nature of this vulnerability - it is higher up in
the stack and thus, will require more resident or privileged means to
effectively check for the vulnerability.
Thoughts?
Is it feasible to write an effective network-only check for the latest IE6
VML vulnerability?
My response thusfar is no, primarily because I think there are many
different ways one could mask traffic to exploit the vulnerability. Perhaps,
more fundamental, is the nature of this vulnerability - it is higher up in
the stack and thus, will require more resident or privileged means to
effectively check for the vulnerability.
Thoughts?