Re: CRITICAL??? - Seven New Flaws in Internet Explorer not
From: Christopher Bolton (bolton_at_MED.UMICH.EDU)
Date: 12/03/03
- Previous message: Mail contact i2s-lab.com: "SHELL32.DLL Denial of Service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 3 Dec 2003 08:30:04 -0500 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
I have tried the demo code out with the latest version of the Google
Toolbar installed with the pop-up blocker set to on. It also stopped
the demo from executing. With the pop-up blocker turned off, another
window opened up with two concentric rectangles in it, but no "fire".
We run McAfee Virus Scan 7.0 here, and it appears that it is identifying
the demo code as malicious and is stopping it. Virus Scan moves the
code file to the Quarantine area. It identifies it as
"Exploit-CodeBase".
I would think that an actual wormable exploit wouldn't necessarily use
a pop-up window as part of its functionality. So I wonder if having
pop-up blocking software on a machine will actually mitigate any new
exploits.
Thoughts?
Chris Bolton
Chris Bolton Systems Programmer Phone:
734-936-3576
bolton@umich.edu Core Image Development Pager:
734-670-1228
University of Michigan Health Systems
Medical Center Information Technology
------ ------ ------ ------ ------ ------
------ ------ ------ ------
The trouble with Tribbles is that they are so hard to barbecue...
-----
Want to reply to the person who sent this message?
This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you''ll have to copy their email address out of the message and place it in your TO: field.
-----
- Previous message: Mail contact i2s-lab.com: "SHELL32.DLL Denial of Service"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
