[Dshield] An unfixed highly critical vulnerability discovered in Microsoft Internet Explorer

Alan Frayer afrayer at frayernet.com
Thu Apr 8 17:04:55 GMT 2004


On Thu, 2004-04-08 at 11:39, Johannes B. Ullrich wrote:


> BugBear.C, which was released yesterday, is using this unpatched MSIE
> vulnerability. Just clicking on the URL sent
> by the worm will get you infected. NO POPUPS! NO WARNINGS!
> 
> There is no good workaround. Disabling Active X will not help.
> 
> Given that this is likely going to be exploited by other viruses
> shortly, I strongly recommend not to click on any URLs.
> 
> Details: http://www.dshield.org/vultest.php


So, you tell us not to click URLs, then you give us a URL? <g>

Johannes, the obvious advice is to switch to a non-MS browser, such as
Mozilla or Opera, but what is an AOL subscriber to do? They can't get
rid of their imbedded MS browser.


________________________________________________________________________
Alan Frayer, CNE, CNI, CIW CI, MCP, Net+ - afrayer at frayernet.com
Member: Independent Consultants Association (ICA)
Consultants - FREE Directory Listing - http://www.ica-assn.org




More information about the list mailing list