Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Do Or Die!

Nov 18, 2003 4:15PM PST

Some of you may not know the name Liu Die Yu [yet]. He is a rising rock star in the client side security field, having already found numerous critical bugs in the Microsoft Internet Explorer series of 'browsers'.

The most recent being a full and complete remote compromise by simply viewing a webpage. The very latest: "silent delivery and installation of an executable on a target computer. No client input other than viewing a webpage" now promptly patched by the manufacturer of this so-called browser:

Six Step IE Remote Compromise Cache Attack - http://www.safecenter.net/UMBRELLAWEBV4/execdror5/execdror5-MyPage.htm

Liu Die Yu is a brilliant teenager currently in school in China. Several months ago a multi-national software manufacturing conglomerate gave Liu Die Yu a brand new computer with the latest and greatest software and gadgetry imaginable in exchange for cooperation and 'free' security research of their dismal products.

Overwhelmed by his findings and realising that such enormous discoveries lay in the hands of this young man, the multi-national software manufacturing conglomerate immediately seized back the computer and cut-off all further communications with him. No doubt in an attempt to bury their heads in the sand, and pray that his findings would go away.

http://www.malware.com/do-or-die!.html

Discussion is locked