Re: To Anyone who has Internet Explorer Installed or any other browser (Everybody)

From: ParrotRob (parrotrob_at_yahoo.com)
Date: 06/05/03


Date: Thu, 05 Jun 2003 19:14:21 GMT


"sponge" <yosponge@yahoo.com> wrote in message
news:8d76ec03.0306050225.2fe8ef5@posting.google.com...
> Two things, and I'll make them quick. First, a virus has been
> discovered by Kaspersky's about two weeks ago which uses an exploit in
> Internet Explorer that has been known -- and unpatched by Microsoft --
> for two years. There is no way to "lock down" the browser; the only
> possible way to secure yourself from this is to discontinue using
> Internet Explorer entirely. Furthermore, there is no evidence that
> Microsoft plans a patch.
>
> http://www.kaspersky.com/news.html?id=977909
> http://hackbox.thematrix.gr/modules/news/article.php?storyid=607
>
> On a related note, yet another flaw has been discovered in Internet
> Explorer that allows remote code execution. According to Microsoft's
> security update, this affects even those who DO NOT use Internet
> Explorer as their browser (read: everybody.) At least there's a patch
> for this. However, IE still cannot be safely used.
>
> http://www.microsoft.com/windows/ie/downloads/critical/818529/default.asp

"StartPage is a classic Trojan - it is sent to victim addresses directly
from the author and does not have an automatic send function. The first mass
mailing to several hundred thousand addresses ..."
<snip>
"The StartPage program is a Zip-archive that contains two files - one HTML
file and one EXE file. Upon opening the HTML file the StartPage code is
launched and proceeds to exploit the Internet Explorer security system
vulnerability known as "Exploit.SelfExecHtml". It then proceeds to
clandestinely launch the EXE file carrying the Trojan program."

So let me get this straight - someone has to MAIL me a zip archive, which I
then need to UNZIP, then actually LOAD an HTML-file contained therein to
infect myself, do I have that right? If that's the case, than saying this
is a "vulnerability in IE" is like saying my writing a simple executable to
rd /s /q c:\*. - then burying it in a zip file and mailing it to you - is a
"vulnerability in DOS".