virii #70,102 or something
avello500:
http://www.eweek.com/article2/0,3959,1227034,00.asp
quote: The more dangerous of the two vulnerabilities results from IE's failure to properly check the object type that is returned from a Web server. It doesn't take much for an attacker to exploit this flaw; all that's needed is for a user on a vulnerable machine to visit an attacker's Web site. The attacker would be able to compromise the PC without the user doing anything but calling up the site.
--- End quote ---
and why wasn't this fixed sooner?
fucking tools
i would laugh if it wasn't so sad...
ShawnD1:
That's for IE users though. People who use IE almost deserve it lol.
bigsleep:
Me: Hey! I tried to download one of your game maps, but Mozilla downloaded it as text - the map doesn't work.
Webmaster: Huh, that's odd, it works fine in IE. Why don't you just use IE?
Me: Why don't you just zip the files? Your server seems to handle zips OK. It doesn't know map files.
Webmaster: (no response, site still fucked up).
Me: (gave up complaining to webmasters that obviously use IE).
I've never tried to spread a virus this way, but I'd imagine it's as easy as this code:
<object data="virus.js"></object>
where "virus.js" is actually an executable file. I'm not sure which file extensions work this way; I would suspect ".js" would work well, since most servers send out ".js" as text/javascript and browsers like Mozilla might try to parse it (and fail, since it will be corrupted), but Windows will (I assume) download it raw and see that it's a PE and try to execute it.
Like I said I don't know exactly how (or which extensions work), but I know it's quite easy to figure out.
BTW, I've gotten several of these new viruses and Mozilla can't open them at all. I tried to extract the virus from the email in order to check it in my virus scanner and get its name, but it seems there's an error in the encoding. I even tried using WinRar, which I've used before this way. So it seems that OE/IE's error handling is what enables the virus to work at all.
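
A defensive check for the mismatch this thread discusses (a response labelled as one type whose body is really another), as an added example that is not part of any post above. The function names, the signature table and the sample responses are constructed for illustration.

```python
# Added example: flag HTTP responses whose declared Content-Type disagrees
# with what the body actually is (e.g. a PE executable served as script).
# The signature table and sample responses are constructed for illustration.

MAGIC = [
    (b"MZ", "application/x-msdownload"),   # DOS/PE executable
    (b"PK\x03\x04", "application/zip"),    # ZIP archive
    (b"\x7fELF", "application/x-elf"),     # ELF executable
]
EXECUTABLE = {"application/x-msdownload", "application/x-elf"}


def sniff(body: bytes):
    """Return the type implied by the leading bytes, or None if unknown."""
    for magic, mime in MAGIC:
        if body.startswith(magic):
            return mime
    return None


def declared_type(headers: dict) -> str:
    """Normalise Content-Type: case-insensitive name, parameters dropped."""
    for name, value in headers.items():
        if name.lower() == "content-type":
            return value.split(";", 1)[0].strip().lower()
    return ""  # header missing: the client would have to guess


def check_response(headers: dict, body: bytes) -> str:
    """Classify a response as 'ok', 'mismatch' or 'block'."""
    declared, actual = declared_type(headers), sniff(body)
    if actual is None or actual == declared:
        return "ok"
    # Executable content behind a non-executable label is the dangerous
    # case; other mismatches are only reported.
    return "block" if actual in EXECUTABLE else "mismatch"


# Constructed sample responses.
SAMPLES = [
    ({"Content-Type": "text/javascript"}, b"MZ\x90\x00\x03\x00"),
    ({"content-type": "text/plain; charset=utf-8"}, b"PK\x03\x04\x14\x00"),
    ({"Content-Type": "text/javascript"}, b"function f() { return 1; }"),
]

if __name__ == "__main__":
    for headers, body in SAMPLES:
        print(declared_type(headers) or "(none)", "->", check_response(headers, body))
```

A filter like this belongs in a proxy or mail gateway, where the response is judged by its content rather than by the label the server or sender attached to it.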