Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: How often are IE security holes exploited?
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 12 Dec 2002 14:50:54 -0800

Richard M. Smith wrote:
Has anyone ever looked into how often security holes in Internet
Explorer are actually used in viruses, worms, Trojan horses, and other
malware?  My sense is that very few of them are actually used in the
wild.

Define "how often". It's either every day, or somewhere around 1 in 30 vulnerabilities. :)

The KaK and Klez worms both use IE security holes to do their
dirty work, but most other Windows viruses seem to rely on social
engineering and standard features of Microsoft products.

If folks know of other malware that make use of IE security holes,
please let me know.  I'm putting together a little list.

Nimda. There must be a few more as well. I still constantly get email that tries to use various IE exploits, and I don't believe they're all Nimda, Kak, and Klez.

                                        BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]