[Dshield] 0-day exploit: Microsoft Internet Explorer "Msdds.d ll"Remote Code Exe cution Exploit

Johannes B. Ullrich jullrich at euclidian.com
Thu Aug 18 12:29:20 GMT 2005


IMHO, the real question with respect to releasing / not releasing 0-day
is if it has been used in the wild.

If the frsirt found out that the exploit was already circulating in the
underground, and used to exploit MSIE users, they should release the
information to the public regardless of a patch. Now releasing an
exploit that gives you a remote shell may be too much.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20050818/3c1c00c8/signature.bin


More information about the list mailing list