[Full-Disclosure] Question about the new Xupiter toolbar
From: Richard M. Smith (rms@computerbytesman.com)
Date: 01/30/03
- Previous message: David Vincent: "RE: [Full-Disclosure] SQL Server patch - why doesn't Windows upda te help?"
- Next in thread: xss-is-lame@hushmail.com: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Maybe reply: xss-is-lame@hushmail.com: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Reply: Brian McWilliams: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Reply: Thor Larholm: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Richard M. Smith" <rms@computerbytesman.com> To: <full-disclosure@lists.netsys.com>, "'Richard M. Smith'" <rms@computerbytesman.com> Date: Thu, 30 Jan 2003 12:40:20 -0500
Hi,
Has anyone looked into this new Xupiter toolbar to see how it is being
installed on people's computer? In particular is it using some IE
security hole for the install or does it just use the standard ActiveX
drive-by download mechanism?
Here's more info about Xupiter from Slashdot:
World's Most Annoying IE Toolbar
Posted by michael on Thursday January 30, @09:02AM
from the someone-will-surpass-it-soon dept.
nautical9 writes "Following the same devious footsteps of the infamous
Bonzi Buddy, Gator, and Comet Cursor "enhancements", Xupiter now has
their own self-installing toolbar for IE. There are many claims that if
you leave your security preferences at their default level, it will
install itself without your express permission. And once on your system,
it's gracious enough to reset your homepage to xupiter.com, forward all
your searches to their search engine, download and automatically launch
applications (like gambling applets), and blocks all attempts to set
these back to normal. Removing it isn't trivial either - it
automatically checks for updates upon reboot, where it constantly
changes the registry settings it uses, making the jobs of spyware
removal programs like AdAware or Spybot Search & Destroy much harder. No
word yet if it collects and forwards personal data."
http://slashdot.org/articles/03/01/30/1314236.shtml?tid=113
Richard M. Smith
http://www.ComputerBytesMan.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Next message: qobaiashi: "Re: [Full-Disclosure] LAFFING MY SOCKZ OFF"
- Previous message: David Vincent: "RE: [Full-Disclosure] SQL Server patch - why doesn't Windows upda te help?"
- Next in thread: xss-is-lame@hushmail.com: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Maybe reply: xss-is-lame@hushmail.com: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Reply: Brian McWilliams: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Reply: Thor Larholm: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
