|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Spyware installs with no interaction in IE on fully patchedXP SP2 box
From: Willem Koenings (isec
europe.com)
Date: Mon Oct 04 2004 - 10:40:39 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
hi,
> > I was unable to verify it, since I don't use IE, and would prefer not
> > infecting myself on accident, however I did run across this:
> >
> > http://themexp.org/about_wrap.php
> >
> > Perhaps one of the themes you downloaded was bundled with the spyware?
>
> two tiny links from there:
>
> http://WWW.addictivetechnologies.net/dm0/js/Confirm80wu03rd.js
> http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab
btw, old trusty IE 5.01 + manually configured security settings =
no problem at all. either XP+SP2 broke seriously something in IE
or Geraldo Rivera has just poorly configured internet setting.
W.
--
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]