[Dshield] IE 0day

David Taylor ltr at isc.upenn.edu
Mon Nov 21 15:27:24 GMT 2005


I haven't tested it but there is more information on the discoverer's site.

http://www.computerterrorism.com/research/ie/ct21-11-2005

4. TEMPORARY SOLUTION

Until a patch is developed, users are advised to disable active scripting
for non-trusted sites.


==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security 
Philadelphia PA USA
(215) 898-1236
http://www.upenn.edu/computing/security/
================================================== 

SANS - The Twenty Most Critical Internet Security Vulnerabilities 
http://www.sans.org/top20/

SANS - Internet Storm Center
http://isc.sans.org

irc.freenode.net #dshielders
http://freenode.net/



-----Original Message-----
From: list-bounces at lists.dshield.org [mailto:list-bounces at lists.dshield.org]
On Behalf Of Faber, Sidney
Sent: Monday, November 21, 2005 10:12 AM
To: list at lists.dshield.org
Subject: [Dshield] IE 0day


Has anyone been able to confirm any info about this IE remote code
execution 0day reported by FrSIRT?  Can anyone recommend a reasonable
defense?

http://www.frsirt.com/exploits/20051121.IEWindow0day.php



One of these IE 0days back in 2004 ushered in the new era of spyware
infestation, I hope it doesn't happen again...

Thanks!
sid


___________________
Sid Faber
Federated Investors
Information Security
sfaber at federatedinv.com
412-288-7427



