Fwd: Please post this anonymously (without my email-address and such)

From: Blue Boar (BlueBoar@thievco.com)
Date: 10/24/01 

Date: Tue, 23 Oct 2001 22:44:42 -0700
From: Blue Boar <BlueBoar@thievco.com>
Subject: Fwd: Please post this anonymously (without my email-address and such)
To: vuln-dev@securityfocus.com
Message-id: <3BD6554A.2409E3AD@thievco.com>

> A few of my co-workers and I were just discussing the new error reporting
> functions of Internet Explorer, and we came up with a nasty idea for a virus
> utilizing that function as a method of causing a DoS. The idea is to write
> a virus that propagates through email (nothing new here) and exploits
> Outlook and Outlook Express to achieve that propagation. This virus would
> essentially cause the autopreview pane of Outlook to open viewing some type
> of HTML/ASP, etc in a way that would cause IE to crash when attempting to
> sort it. At that point, with the more recent releases of IE, there would be
> an automatic initiation of debug data sent to Microsoft, through using DNS
> to resolve.
>
> Obvious effects would be a likely DoS on business networks and on
> Microsoft's debug servers. Other effects could include difficulty in
> reaching and downloading patches for the vulnerabilities in the software (if
> Microsoft patch servers are utilizing the same WAN link as the debug
> servers), as well as possible effects upon DNS servers, especially at
> Microsoft. In addition, as has already been talked about, an enormous
> amount of private information possibly stored on the debugs would be
> forwarded as well. I would imagine that this type of virus could also
> effect other kinds of "bugzilla" services.
>
> Just a thought...

Relevant Pages

  • Re: i blame microsoft for swen
    ... The newsgroup servers are a service provided to members to help create ... The newsgroup server ... The owners of the machines spreading this virus probably don't even ... This makes things difficult for Microsoft, ...
    (microsoft.public.security.virus)
  • Re: Fwd: Please post this anonymously (without my email-address and such)
    ... though you'd have to get the virus to propogate ... >> Outlook and Outlook Express to achieve that propagation. ... >> an automatic initiation of debug data sent to Microsoft, ... >> Microsoft's debug servers. ...
    (Vuln-Dev)
  • [Full-Disclosure] Asynchronous, industry-wide virus naming scheme proposed
    ... The suggestion of a numerical naming ... The autumn 2003 conference of computer virus researchers in Toronto ... vendors sharing full samples with each other, ... Just like the current Net system of 13 root level DNS servers and ...
    (Full-Disclosure)
  • Re: SOPHOS Antivirus
    ... business they can have the business related email sent to their company ... The availability of personal email (from non-company servers) while at ... NAV Corporate and SBE provide all that you state SOPHOS ... Virus protection software is mostly reactive, ...
    (alt.computer.security)
  • Re: Card Reader
    ... it is theoretically possible to infect a Unix executable with a virus, such things are almost never seen in the wild because the Unix design blocks them from propagating. ... Contrast that with the virus sewer that Windows users swim in every day. ... Until I retired I worked with AIX servers,, and the same precautions were in effect for them as for the 40 or so Windows servers we used. ...
    (rec.photo.digital)