SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security

http-equiv_at_excite.com
Date: 06/29/04

  • Next message: Hubbard, Dan: "BHO Trojan follow-up information"
    Date:         Tue, 29 Jun 2004 18:41:11 -0000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    >Here's a quick and dirty demo injecting malware.com into
    >windowsupdate.microsoft.com :)

    >http://www.malware.com/targutted.html

    Thomas Kessler was kind enough to inform that this is not new,
    but in fact on old "issue" with Internet Explorer which by all
    accounts was supposed to be "patched" back in 1998[?]:

    Microsoft Security Program: Microsoft Security Bulletin (MS98-
    020) Patch Available for 'Frame Spoof' Vulnerability

    http://www.microsoft.com/technet/security/bulletin/ms98-020.mspx

    Quite clearly this contraption known as Internet Explorer is
    just broken. It's oozing pus from every pore at this stage.

    If indeed the issues are the exact same.

    You'd better wipe hands of it anyway.

    We give up.

    --
    http://www.malware.com
    -----
    NTBugtraq Editor's Note:
    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
    -----
    

  • Next message: Hubbard, Dan: "BHO Trojan follow-up information"

    Relevant Pages

    • SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security
      ... Thomas Kessler was kind enough to inform that this is not new, ... accounts was supposed to be "patched" back in 1998: ... Microsoft Security Program: Microsoft Security Bulletin (MS98- ... Quite clearly this contraption known as Internet Explorer is ...
      (Bugtraq)
    • SUPER SPOOF DELUXE Re: [Full-Disclosure] Microsoft and Security
      ... Thomas Kessler was kind enough to inform that this is not new, ... accounts was supposed to be "patched" back in 1998: ... Microsoft Security Program: Microsoft Security Bulletin (MS98- ... Quite clearly this contraption known as Internet Explorer is ...
      (Full-Disclosure)
    • [Full-Disclosure] SUPER SPOOF DELUXE : Take Two
      ... Thomas Kessler was kind enough to inform that this is not new, ... accounts was supposed to be "patched" back in 1998: ... Microsoft Security Program: Microsoft Security Bulletin (MS98- ... Quite clearly this contraption known as Internet Explorer is ...
      (Full-Disclosure)
    • Re: Microsoft Security Bulletin MS03-040 - 828750
      ... Pardon me, but do you have ANY idea how foolish your post is? ... > Title: Cumulative Patch for Internet Explorer Execution > Date: October 3, ... > The Microsoft Security Response Center has released Microsoft Security> Bulletin MS03-040 ...
      (microsoft.public.security.virus)
    • Re: Microsoft Security Bulletin MS03-040 - 828750
      ... Pardon me, but do you have ANY idea how foolish your post is? ... > Title: Cumulative Patch for Internet Explorer Execution > Date: October 3, ... > The Microsoft Security Response Center has released Microsoft Security> Bulletin MS03-040 ...
      (microsoft.public.win2000.security)