[unisog] vml (and mdac?) exploited web sites

Gary Flynn flynngn at jmu.edu
Mon Feb 5 22:22:43 GMT 2007

power less wrote:
> I was curious as to what people should search for if they wanted to know 
> if vml (and mdac?) exploits had made it onto any web pages
> in their neighborhood. That would be a worthy cause, wouldn't it, 
> checking web pages for badness? I don't suppose there a free utility 
> that does that?

Microsoft has a project to search out malicious
web sites. They have some papers describing it


> "We literally find tens of thousands of these things every day -- 
> they're everywhere from big-name sites like this one to mom-and-pop 
> bakery shops," said Dan Hubbard, vice president of security research at 
> Websense. "It's definitely a good lesson in staying up to date on the 
> patches."
> Well geez, how about we also
> 1. stop the miscreants from breaking in and planting crud on people's 
> web sites
> 2. detect this stuff so that web owners/institutions can remove such 
> malicious code as soon as it gets in

Our IPS systems detect malware and/or hostile scripts hosted on small
business, hobby, and other organizational web sites often enough to
be quite disconcerting. Since detection requires that someone in our
population access such a site, I can only surmise that there are a
lot more out there that we do not see.

Kind of makes the term "trusted web site" hard to

Gary Flynn
Security Engineer
James Madison University

More information about the unisog mailing list