[unisog] Super-hidden spamming exploits?

Gary Flynn flynngn at jmu.edu
Thu Sep 25 17:04:25 GMT 2003



Rita Seplowitz Saltz wrote:

> Greetings.
> 
> We've seen a number of student-owned MS Windows machines exploited by 
> spammers, even after the "usual suspects" have been addressed 
> (administrator password, backdoors, remote code, spyware, assorted 
> viruses) and the systems are believed to have been locked down securely.
> 
> Has anyone else seen this kind of thing?  And, if so,  have you any 
> helpful insights to offer?

Pure speculation on my part but my money would be on the unfixed
IE defects related to HTA object type:

http://www.kb.cert.org/vuls/id/865940

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe



More information about the unisog mailing list