IE URL vulnerability exploits have begun
James Gray
james at grayonline.id.au
Mon Jan 12 01:54:40 GMT 2004
On Mon, 12 Jan 2004 10:39 am, Chris Yuzik wrote:
> If you haven't already done so, I strongly suggest everyone get medieval
> on this exploit and kill it before it arrives in your user's inboxes.
> This time it was Bank of America. Next it will be Visa, Mastercard,
> Amex, or who knows.
>
> I have the following rule in spam.assassin.prefs.conf:
> uri IE_VULN /https?:\/\/.*%([01][0-9a-f]|7f).*@/i
> score IE_VULN 100.0
> describe IE_VULN Internet Explorer vulnerability
>
> I can't help but ask myself why Microsoft refuses to fix this
> vulnerability. Mozilla doesn't suffer from it and Konqueror doesn't
> either (long live open source). It's not like it was just discovered
> yesterday. Does anyone have a good conspiracy theory?
>
> Cheers,
> Chris
McAfee Virus Scan picks up these IE exploits as "Exploit-URLSpoof trojan"
which is kinda neat. If you are using NAI/McAfee command line scanner, you
need as a minimum:
DAT: 4311 (24-Dec-2004)
Engine: 4.2.40
Read about it here: http://vil.nai.com/vil/content/v_100927.htm
James
--
Fortune cookies says:
"If value corrupts then absolute value corrupts absolutely."
More information about the MailScanner
mailing list