General Discussion | Very Dangerous Worm

Author	Message	Time
iago	http://seclists.org/lists/fulldisclosure/2004/Nov/0298.html The newest MyDoom uses a vulnerability in Internet Explorer (which has been known for two weeks, had an exploit out for 1.5 weeks, but hasn't been patched in winxpSP1 or win2k) to spread. Looking at the page advertised in emails can infect you. VERY DANGEROUS because it'll slip straight through virus scanners. Be cautious. Incidentally, the original exploit was posted here: http://seclists.org/lists/fulldisclosure/2004/Nov/0053.html We've tested that out on fully patched Windows XP SP1 at work, and it's fun to run programs on each other's computers :)	November 10, 2004, 3:07 AM
peofeoknight	There is already a way to prevent this then... use mozilla. When will people catch on, ie is not a good browser!	November 10, 2004, 3:35 AM
iago	Well, it's not always that easy. At work, unless you have a local admin account (which I do), you're stuck with IE since you can't install software. They also can't update to SP2 (we haven't moved to it yet, since it's going to break too much and we need to get damage control read), so we're rather out of luck for this. I'm going to bring this worm to the attention of the people I work for tomorrow, though.	November 10, 2004, 3:51 AM
Vicious	That's too bad Iago. Informing the people would be a very good idea. Just be careful.	November 10, 2004, 2:51 PM
hismajesty	Firefox 1.0 was just released, but I'm still using IE. There's just something about it that I like more than Firefox/any other browser. shrug	November 10, 2004, 8:52 PM
crashtestdummy	Iago if you could get firefox approved for all workstations you could use this to install it. http://firefox.dbltree.com/	November 10, 2004, 9:14 PM
iago	Thanks, but I do "security", not "operations". We tell the outsourcers what they have to do, and they eventually do it. It's a great system.	November 11, 2004, 3:45 AM
crashtestdummy	It seems to me that a browser that's insecure has to do with security :/	November 11, 2004, 6:36 AM
iago	Yeah, so we have to make the decision to change over. But to actually deploy it isn't our problem.	November 11, 2004, 7:53 AM
Myndfyr	[quote author=hismajesty[yL] link=topic=9490.msg88251#msg88251 date=1100119969] Firefox 1.0 was just released, but I'm still using IE. There's just something about it that I like more than Firefox/any other browser. shrug [/quote] From a developer's standpoint, I like the DOM and the Javascript parser better than Mozilla. I'd like to develop a similar DOM and parser independently, but I really don't think I have the ability. :/	November 11, 2004, 10:32 AM

Author

Message

Time

iago

http://seclists.org/lists/fulldisclosure/2004/Nov/0298.html

The newest MyDoom uses a vulnerability in Internet Explorer (which has been known for two weeks, had an exploit out for 1.5 weeks, but hasn't been patched in winxpSP1 or win2k) to spread. Looking at the page advertised in emails can infect you. VERY DANGEROUS because it'll slip straight through virus scanners. Be cautious.

Incidentally, the original exploit was posted here:
http://seclists.org/lists/fulldisclosure/2004/Nov/0053.html
We've tested that out on fully patched Windows XP SP1 at work, and it's fun to run programs on each other's computers :)

November 10, 2004, 3:07 AM

peofeoknight

There is already a way to prevent this then... use mozilla. When will people catch on, ie is not a good browser!

November 10, 2004, 3:35 AM

iago

Well, it's not always that easy. At work, unless you have a local admin account (which I do), you're stuck with IE since you can't install software. They also can't update to SP2 (we haven't moved to it yet, since it's going to break too much and we need to get damage control read), so we're rather out of luck for this. I'm going to bring this worm to the attention of the people I work for tomorrow, though.

November 10, 2004, 3:51 AM

Vicious

That's too bad Iago. Informing the people would be a very good idea. Just be careful.

November 10, 2004, 2:51 PM

hismajesty

Firefox 1.0 was just released, but I'm still using IE. There's just something about it that I like more than Firefox/any other browser. *shrug*

November 10, 2004, 8:52 PM

crashtestdummy

Iago if you could get firefox approved for all workstations you could use this to install it.
http://firefox.dbltree.com/

November 10, 2004, 9:14 PM

iago

Thanks, but I do "security", not "operations". We tell the outsourcers what they have to do, and they eventually do it. It's a great system.

November 11, 2004, 3:45 AM

crashtestdummy

It seems to me that a browser that's insecure has to do with security :/

November 11, 2004, 6:36 AM

iago

Yeah, so we have to make the decision to change over. But to actually deploy it isn't our problem.

November 11, 2004, 7:53 AM

Myndfyr

[quote author=hismajesty[yL] link=topic=9490.msg88251#msg88251 date=1100119969]
Firefox 1.0 was just released, but I'm still using IE. There's just something about it that I like more than Firefox/any other browser. *shrug*
[/quote]

From a developer's standpoint, I like the DOM and the Javascript parser better than Mozilla. I'd like to develop a similar DOM and parser independently, but I really don't think I have the ability. :/

November 11, 2004, 10:32 AM

Valhalla Legends Forums Archive | General Discussion | Very Dangerous Worm