Re: MSIE exploit
From: Bill Sanderson (Bill_Sanderson_at_msn.com.plugh.org)
Date: 08/30/03
- Next message: ABreton: "Suspected Blaster creator is caught!"
- Previous message: Bill Sanderson: "Re: Error message when I download MSblaster critical update patch"
- In reply to: Jonathan Roy: "MSIE exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 29 Aug 2003 18:10:02 -0400
I'm not sure what exploit is at this site, but you need to be running:
a) a supported version of the OS (i.e. one for which patches are still being
produced)
and b) appying all critical updates as offered by Windows Update for your
system.
This doesn't guarantee that there is no exploit out there that will get you,
but it is a baseline.
http://www.microsoft.com/security/protect/default.asp
"Jonathan Roy" <roy@idle.com> wrote in message
news:0ca001c36e2c$06472c90$a301280a@phx.gbl...
> Hi there. I recently went to this address by mistake:
>
> http:
> //211.217.224.102
> :4901
>
> I split it into three lines so someone doesn't load it by
> accident. I used active x to make a file on my computer,
> execute it, and then who knows what the computer was doing
> after that point. I managed to control-alt-delete and kill
> the msdos window and the other things it had opened
> quickly.
>
> I'm not sure if this is something preventable by a patch
> but I wouldn't think a web page should be able to create
> executable files and execute them.
>
> -Jonathan
>
- Next message: ABreton: "Suspected Blaster creator is caught!"
- Previous message: Bill Sanderson: "Re: Error message when I download MSblaster critical update patch"
- In reply to: Jonathan Roy: "MSIE exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
