Re: All patches, but still exploited
From: Robert Moir (bofh_at_mvps.org)
Date: 04/12/04
- Next message: Greg: "Re: All patches, but still exploited"
- Previous message: Roger Abell [MVP]: "Re: All patches, but still exploited"
- In reply to: Greg: "Re: All patches, but still exploited"
- Next in thread: Greg: "Re: All patches, but still exploited"
- Reply: Greg: "Re: All patches, but still exploited"
- Reply: Greg: "Re: All patches, but still exploited"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 12 Apr 2004 18:10:07 +0100
Greg wrote:
> "Robert Moir" <bofh@mvps.org> wrote in message
> news:#JdkYeKIEHA.2252@TK2MSFTNGP10.phx.gbl...
>> Greg wrote:
>> Well that redirected me to a games playing page which tried to force
>> me to install a porn dialer in order to play its games, and got
>> quite snotty when i clicked no.
>>
>> Excuse me, but is it possible that you may have inadvertantly
>> clicked "yes" or "Ok" to any of this crap's requests to install
>> itself?
>>
>
> No, I didn't click anything. I tested it several times under Windows
> 2000 Professional. I let everything open and then ran Ad-Aware. I
> never clicked a thing.
Ok, I've ran some tests on that dogbomb url you posted:
Win XP SP1, all post SP1 fixes applied:
-- no problem
Win 2003, all fixes applied, IE Enhanced security config removed, no other
changes made
-- no problem
Win 2003, all fixes applied, IE Enhanced security config in place. no other
changes made
-- no problem.
Win 2003, all fixes applied, IE Enhanced security removed, security reduced
from the default high to medium.
-- "pop-up" pusher installed (based on pup.exe, see
http://www.annoyances.org/exec/forum/winxp/1078766671)
Win 2003, default install w/ no patches, no other changes made
-- no problem.
Win 2003, default install w/ no patches, IE enhanced security config
removed, security reduced from the default high to medium.
-- pop up pusher installed, media player fooled with (prompting the system
file checker message you report), home page changed, typical spyware hit and
run really.
The only way I can reproduce your problem is by turning the default security
settings down to a non-reccomened level and not patching the machine with
all the currently published (on windows update i mean) updates.
I don't know if I'm doing anything different to you, but i've spent some
time testing this scenario and thats my results.
-- -- Rob Moir, Microsoft MVP for servers & security Website - http://www.robertmoir.co.uk Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html Kazaa - Software update services for your Viruses and Spyware.
- Next message: Greg: "Re: All patches, but still exploited"
- Previous message: Roger Abell [MVP]: "Re: All patches, but still exploited"
- In reply to: Greg: "Re: All patches, but still exploited"
- Next in thread: Greg: "Re: All patches, but still exploited"
- Reply: Greg: "Re: All patches, but still exploited"
- Reply: Greg: "Re: All patches, but still exploited"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
