[Dshield] Security Alert: Remote Vulnerability in Internet Explorer via DCOM
gshively at pivx.com
Wed Jul 3 11:52:22 GMT 2002
Allo and Good Morning!
Security Focus and The Register are running a story on IE'en, a new piece of software by SecurityFriday.com, remotely controls Internet Explorer using DCOM. Distributed Component Object Model (DCOM) is a protocol that supposedly enables software components to communicate directly over a network in a 'reliable, secure, and efficient manner'-- Right. If one knew the account name and the password of a remote machine, one can remotely control the software component on it using DCOM. For example, Internet Explorer is one of the software components that can be controlled. SecurityFriday's download site has been getting hammered, so a mirror has been put up here: http://www.pivx.com/mirrors/secure_friday.html
Security Focus Story: http://online.securityfocus.com/news/508
Register Story: http://theregister.co.uk/content/4/25977.html
Mirrored Download Site: http://www.pivx.com/mirrors/secure_friday.html
DCOM Information: http://www.microsoft.com/com/tech/DCOM.asp
Geoff Shively, CHO
PivX Solutions, LLC
Are You Secure?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the list