
Windows URI flaw looms on Linux and MacOS X
By Jerome Saiz, Tue, October 16th, 2007
The Windows URI critical flaw discovered last week might also be a concern for Linux and MacOS X users.
According to security researchers, the Windows URI (protocol handler) flaw discovered last week in Windows might also be found in Unix-like operating systems such as Linux or MacOS X. Security researcher Nathan McFeters, who spent quite a bit of time looking into this vulnerability, hopes he will also be able to demonstrate it on *nix systems during his presentation at the ToorCon hacking conference, October 19-21, in San Diego, USA.
While McFeters and his team have yet to execute arbitrary code on a Unix-like system through that vulnerability, he said they had some success and are following promising leads.
A URI protocol handler is the mechanism web browsers use to launch other applications on the system when they encounter protocols other than regular HTTP (web). This is, for example, what happens when a browser encounters a "mailto:" prefix and launches the system's default mail client. When abused, this capability might allow a malicious website to launch a vulnerable application on the target system with specific parameters tailored to exploit it.
Our comments:
URI flaws are a recurring bane of web browsing and have been around for a long time. The industry usually chases them, patching each one as it is discovered, with no clear fix proposed yet. This one is no exception.
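To see which applications a browser can hand a URL to on a current freedesktop-based Linux desktop, a defender can inventory the `x-scheme-handler/<scheme>` MIME types declared in `.desktop` files. The following is an added example, not part of the original article; the sample entries and application names are constructed, and the shell check is only one illustrative heuristic.

```python
import configparser
import shlex

# Constructed sample .desktop entries (hypothetical applications).
SAMPLE_ENTRIES = {
    "mail-client.desktop": """[Desktop Entry]
Name=Example Mail
Exec=example-mail --compose %u
MimeType=x-scheme-handler/mailto;
""",
    "legacy-chat.desktop": """[Desktop Entry]
Name=Legacy Chat
Exec=sh -c "legacy-chat --open %u"
MimeType=x-scheme-handler/chat;x-scheme-handler/chats;text/plain;
""",
}

SHELLS = {"sh", "bash", "dash", "zsh"}


def audit_handlers(entries):
    """Map each URI scheme to [(desktop_file, exec_line, warnings)]."""
    report = {}
    for filename, text in entries.items():
        parser = configparser.ConfigParser(interpolation=None, strict=False)
        parser.optionxform = str  # desktop-entry keys are case-sensitive
        parser.read_string(text)
        entry = parser["Desktop Entry"]
        exec_line = entry.get("Exec", "")
        argv = shlex.split(exec_line)
        warnings = []
        # A handler that routes the URL through a shell lets the URL's
        # content be re-parsed as shell syntax: review these first.
        if argv and argv[0].rsplit("/", 1)[-1] in SHELLS:
            warnings.append("URL is interpreted by a shell")
        for mime in entry.get("MimeType", "").split(";"):
            if mime.startswith("x-scheme-handler/"):
                scheme = mime.split("/", 1)[1]
                report.setdefault(scheme, []).append(
                    (filename, exec_line, warnings))
    return report


if __name__ == "__main__":
    for scheme, handlers in sorted(audit_handlers(SAMPLE_ENTRIES).items()):
        for filename, exec_line, warnings in handlers:
            print(f"{scheme}: {filename}: {exec_line} {warnings}")
```
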

