[Dshield] An unfixed highly critical vulnerability discovered in Microsoft Internet Explorer

Alan Frayer afrayer at frayernet.com
Thu Apr 8 17:04:55 GMT 2004

On Thu, 2004-04-08 at 11:39, Johannes B. Ullrich wrote:

> BugBear.C, which was released yesterday, is using this unpatched MSIE
> vulnerability. Just clicking on the URL sent
> by the worm will get you infected. NO POPUPS! NO WARNINGS!
> There is no good workaround. Disabling Active X will not help.
> Given that this is likely going to be exploited by other viruses
> shortly, I strongly recommend not to click on any URLs.
> Details: http://www.dshield.org/vultest.php

So, you tell us not to click URLs, then you give us a URL? <g>

Johannes, the obvious advice is to switch to a non-MS browser, such as
Mozilla or Opera, but what is an AOL subscriber to do? They can't get
rid of their imbedded MS browser.

Alan Frayer, CNE, CNI, CIW CI, MCP, Net+ - afrayer at frayernet.com
Member: Independent Consultants Association (ICA)
Consultants - FREE Directory Listing - http://www.ica-assn.org

More information about the list mailing list