[Dshield] Security Alert: Remote Vulnerability in Internet Explorer via DCOM

Geoff Shively gshively at pivx.com
Wed Jul 3 11:52:22 GMT 2002


Allo and Good Morning!
Security Focus and The Register are running a story on IE'en, a new piece of software by SecurityFriday.com, remotely controls Internet Explorer using DCOM. Distributed Component Object Model (DCOM) is a protocol that supposedly enables software components to communicate directly over a network in a 'reliable, secure, and efficient manner'-- Right. If one knew the account name and the password of a remote machine, one can remotely control the software component on it using DCOM. For example, Internet Explorer is one of the software components that can be controlled. SecurityFriday's download site has been getting hammered, so a mirror has been put up here:  http://www.pivx.com/mirrors/secure_friday.html

-Related Links:
SecurityFriday: http://www.securityfriday.com
Security Focus Story: http://online.securityfocus.com/news/508
Register Story: http://theregister.co.uk/content/4/25977.html
Mirrored Download Site: http://www.pivx.com/mirrors/secure_friday.html
DCOM Information: http://www.microsoft.com/com/tech/DCOM.asp


Thank You,
Geoff Shively, CHO
PivX Solutions, LLC

Are You Secure?
http://www.PivX.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/list/attachments/20020703/f77148d7/attachment.htm


More information about the list mailing list