[Dshield] Exploit for IE vulnerability (MS05-038) appears same day as patch

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Wed Aug 10 03:46:14 GMT 2005


On Tue, 09 Aug 2005 23:51:10 -0000, "Fergie (Paul Ferguson)" said:
> Well, I'd recmmend that users patch this hole immediately, because over on
> FrSIRT, an exploit for this vulnerabilty has already shown up. Details on both
> below.

Does anybody outside Microsoft's PR department *really* believe these exploits
are reverse-engineered from the patch?  I suspect we're going to see a lot of
PoC's coming in for a landing now that a patch is available, reducing the 0-day's
effectiveness...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20050809/46596a7c/attachment.bin


More information about the list mailing list