[Dshield] An unfixed highly critical vulnerability discoveredin Microsoft Internet Explorer

Paul Marsh pmarsh at nmefdn.org
Thu Apr 8 16:01:33 GMT 2004


LOL nice Johannes :)  

 > Details: http://www.dshield.org/vultest.php

Thanx, Paul

> -----Original Message-----
> From: Johannes B. Ullrich [mailto:jullrich at sans.org] 
> Sent: Thursday, April 08, 2004 11:39 AM
> To: General DShield Discussion List
> Subject: Re: [Dshield] An unfixed highly critical 
> vulnerability discoveredin Microsoft Internet Explorer
> 
> On Thu, 2004-04-08 at 09:15, Peter Stendahl-Juvonen wrote:
> > An unfixed highly critical vulnerability discovered in Microsoft 
> > Internet Explorer
> 
> Just a note about this one: I keep ignoring MSIE exploits, as 
> I keep ignoring variants of Skynet, Beagle, Bugbear and friends.
> 
> This has been a bad combination!
> 
> BugBear.C, which was released yesterday, is using this 
> unpatched MSIE vulnerability. Just clicking on the URL sent 
> by the worm will get you infected. NO POPUPS! NO WARNINGS!
> 
> There is no good workaround. Disabling Active X will not help.
> 
> Given that this is likely going to be exploited by other 
> viruses shortly, I strongly recommend not to click on any URLs.
> 
> Details: http://www.dshield.org/vultest.php
> 
> 
> -- 
> CTO SANS Internet Storm Center               http://isc.sans.org
> phone: (617) 837 2807                          jullrich at sans.org 
> 
> contact details: http://johannes.homepc.org/contact.htm
> 



More information about the list mailing list