mailing list archives
RE: new internet explorer exploit (was new worm)
From: "Thor Larholm" <thor () pivx com>
Date: Mon, 29 Mar 2004 14:12:32 -0800
Drew Copley already mentioned how this is the CHM exploit that the Ibiza
exploit relied on.
K-OTiK posted about this in
http://www.securityfocus.com/archive/1/354447 and we posted details of
the Ibiza CHM exploit a few weeks before then on the Unpatched mailing
list ( http://unpatched.pivxlabs.com ).
The Bizex worm also used Unpatched IE vulnerabilities as was detailed in
Implementing proactive security measures such as locking down the My
Computer zone prevents this from having an effect. Both of these issues
were mitigated against months in advance with Qwik-Fix, which has just
been released as Qwik-Fix Pro at the Gartner Symposium/Itxpo 2004
Senior Security Researcher
24 Corporate Plaza #180
Newport Beach, CA 92660
thor () pivx com
Phone: +1 (949) 231-8496
6BB1 B77F CB62 0D3D 5A82 C65D E1A4 157C 5A27 6569
PivX defines "Proactive Threat Mitigation". Get a FREE Beta Version of
From: Void [mailto:void () sect net]
Sent: Monday, March 29, 2004 11:15 AM
To: Jelmer; full-disclosure () lists netsys com; bugtraq () securityfocus com
Subject: Re: new internet explorer exploit (was new worm)
Just wanted to add that Norton Anti-Virus 2004 will detect this exploit
pop up a warning, but also fails to halt its execution or protect the
in any way.
Here is what it thinks it is:
So there is some measure of warning, but no real protection.
Full-Disclosure - We believe in it.
- Re: Re: Addressing Cisco Security Issues, (continued)