Cookiejacking: 0-day exploit of all Internet Explorer versions

I mean, this is clever and all, but what am I missing? Isn't this just an IE bug? That you can access cookie files as IFRAME targets? Is there some part of the IE architecture that <i>depends</i> on that functionality, or is Microsoft just going to patch that?<p>Because pretty much all the browsers, on a better-than-quarterly basis, fall victim to attacks that allow arbitrary web pages to <i>upload code into their processes and run it</i>.<p>Just not sure this needed the "attack class" name.

Apparently that page has been shut down by Google?<p>"This site has been disabled for violations of our Terms of Service. If you feel this disabling was in error, please fill out our appeal form."

Novel approach, but I'm curious how many networks let 445 smb over tcp out? Enterprise networks sure shouldn't, my office doesn't, my house doesn't though admittedly most people won't be configured this way. But don't big carriers like comcast also filter common microsoft ports like this and 139 because of worm and exploit activity?

Can someone describe the white hat credo with respect to 0 day exploits?<p>Did he give Microsoft a head's up about these and a chance to respond before going public? Or does he just give a conference talk and post it to his blog, potentially providing the information allowing thousands of browsers to get compromised (assuming they weren't already) before privately letting Microsoft get a chance to patch it?

If this attack involves "simply sniffing TCP 445" why not just MITM the whole session?<p>The state of security is becoming an over-hyped sideshow of late where the most trivial attacks, which would work maybe 1% of the time in the wild, are getting mass exposure.<p>I have a 0day in RHEL 5, you simply need to log onto the machine as root and run this script...