![[H]ardOCP](/images/blank.gif){kind=small}
Microsoft's IGMPv3 Vulnerability Can Be Exploited
What is the best way to find out whether or not a vulnerability can be exploited? Downplay its significance and wait until someone demonstrates a proof-of-concept exploit….wait, that’s not the best way. What was the question again?
"This demonstrates conclusively that the MS08-001 IGMPv3 vulnerability is highly exploitable," said Dave Aitel, CTO of Immunity, in a message sent to one of the company's computer security mailing lists. "In the movie you can see the attack target a local subnet, which is populated with two Windows XP SP2 machines (with firewall enabled)."