[Dshield] An unfixed highly critical vulnerability discoveredin Microsoft Internet Explorer

Jon R. Kibler Jon.Kibler at aset.com
Thu Apr 8 18:31:06 GMT 2004


"Johannes B. Ullrich" wrote:
> BugBear.C, which was released yesterday, is using this unpatched MSIE
> vulnerability. Just clicking on the URL sent
> by the worm will get you infected. NO POPUPS! NO WARNINGS!
> 
> There is no good workaround. Disabling Active X will not help.
> 
> Given that this is likely going to be exploited by other viruses
> shortly, I strongly recommend not to click on any URLs.

I am presently swamped and really don't have any free time to 
research a couple of questions Johannes' email raises, so can 
someone please give me a heads-up about this... 

Q #1: Is it possible to create a Trojan web site that would contain
a link that could infect a system in a manner similar to an email?

Q #2: If the AV sigs are up to date, will that stop the worm, or as
Johannes' email says "Just clicking on the URL sent by the worm will 
get you infected. NO POPUPS! NO WARNINGS!" (Does that mean you will
get infected even if you have the latest AV sigs?)

Thanks!
Jon Kibler
-- 
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.



More information about the list mailing list