From: Thor@HammerofGod.com
Date: Thu Oct 25 2001 - 13:53:06 CDT
Nah.. It asks you. As does a crash of Office XP products, like Access 2002.
What would really be interesting is to capture this process, and see
how/where it is being posted to MS. I wonder if they have stop-gaps in
place to prevent the automated flooding of their data warehouse when
reproduced for malicious purposes. Hmmm. I think I can crash Access pretty
readily- I'll do this and post the results if anyone is interested.
AD
----- Original Message -----
From: "PIATT, BRET L (PB)" <bp3847@sbc.com>
To: <vuln-dev@securityfocus.com>
Sent: Thursday, October 25, 2001 10:13 AM
Subject: RE: Fwd: Please post this anonymously (without my email-address and
such)
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I do believe it's automatic in IE5.5 SP2 and IE6 and has to be
> disabled through the registry. I recall some information about this
> from somebody on either this list or Bugtraq in the past month. I
> can't seem to find the message now, maybe somebody else can? It had
> a list of registry keys you need to change to disable this.
>
> Bret Piatt | Network Security Engineer II | CISSP-CCNP-CCDP
> SBC DataComm | Advanced Security Services Group | SCNA-RHCE-MCP
>
>
> - -----Original Message-----
> From: Chris Carey [mailto:chris@sublimespot.com]
> Sent: Wednesday, October 24, 2001 2:48 PM
> To: vuln-dev@securityfocus.com
> Subject: Re: Fwd: Please post this anonymously (without my
> email-address and such)
>
>
> After a crash, IE Bug Reporting requires you to click a button to
> actually send the bug report. I don't believe it is automatic, like
> John Doe suggested.
>
> So I guess from here let's add the 'Spoof the Screen' IE vuln into the
> mix and trick them into sending the report
>
> At this point I don't see this scenario as a threat.
>
> Chris
>
> - ----- Original Message -----
> From: "Mike DeGraw-Bertsch" <mbertsch@radioactivedata.org>
> To: "Blue Boar" <BlueBoar@thievco.com>
> Cc: <vuln-dev@securityfocus.com>
> Sent: Wednesday, October 24, 2001 8:51 AM
> Subject: Re: Fwd: Please post this anonymously (without my
> email-address and such)
>
>
> > An interesting thought, though you'd have to get the virus to
> > propagate prior to Outlook crashing. Otherwise you'd have to send
> > a heck of a lot of messages yourself.
> >
> > -Mike
> >
> > On Tue, 23 Oct 2001, Blue Boar wrote:
> >
> > > > A few of my co-workers and I were just discussing the new error
> > > > reporting functions of Internet Explorer, and we came up with a
> > > > nasty idea for a virus utilizing that function as a method of
> > > > causing a DoS. The idea is to write a virus that propagates
> > > > through email (nothing new here) and exploits Outlook and Outlook
> > > > Express to achieve that propagation. This virus would essentially
> > > > cause the autopreview pane of Outlook to open viewing some type
> > > > of HTML/ASP, etc in a way that would cause IE to crash when
> > > > attempting to sort it. At that point, with the more recent
> > > > releases of IE, there would be an automatic initiation of debug
> > > > data sent to Microsoft, through using DNS to resolve.
> > > >
> > > > Obvious effects would be a likely DoS on business networks and
> > > > on Microsoft's debug servers. Other effects could include
> > > > difficulty in reaching and downloading patches for the
> > > > vulnerabilities in the software (if Microsoft patch servers are
> > > > utilizing the same WAN link as the debug servers), as well as
> > > > possible effects upon DNS servers, especially at Microsoft. In
> > > > addition, as has already been talked about, an enormous amount
> > > > of private information possibly stored on the debugs would be
> > > > forwarded as well. I would imagine that this type of virus could
> > > > also affect other kinds of "bugzilla" services.
> > > >
> > > > Just a thought...
> > >
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 7.0
>
> iQA/AwUBO9hIHl+IxmqPU329EQKBzwCfc6l4kOAUm9GFXwVsJBDITj0lhTYAn1yq
> AaQke/iHCyHCPM49/N2PpjMK
> =CUDB
> -----END PGP SIGNATURE-----