*** CRITICAL IE EXPLOIT ALERT, and MSFT's fix doesn't solve problem!!

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • goBigtime
    Confirmed User
    • Nov 2002
    • 7761

    #1

    *** CRITICAL IE EXPLOIT ALERT, and MSFT's fix doesn't solve problem!!

    http://www.microsoft.com/security/se...s/ms03-032.asp

    There's the patch that was isssued yesterday.

    Ufortunately it doesn't eliminate the critical problem.

    There are still ways around around it.


    ** CAUTION **

    Using this exploit all you would have to do is be tricked into going to A WEBPAGE that contains the malicious code & a trojan could be installed on your computer automatically. THERE IS NO WARNING, or pop-up, it would be just download & execute the trojan/virus automatically -- JUST FOR GOING TO A WEBPAGE.


    Be sure you are using a good software firewall (in ADDITION to any hardware firewalls) so you know when any base software has been overwritten or new software is trying to allow or create connections to the internet.

    I've got the last no-nag freeware version of tiny personal firewall 2.0.15 here if anyone needs it.
  • DTK
    Confirmed User
    • Feb 2002
    • 4546

    #2
    Constant crap like this is why I switched to Opera.
    Arguing whether the Democratic or Republican party is better is like debating which steaming pile of shit is slightly less stinky.

    Comment

    • JamesK
      hi
      • Jun 2002
      • 16731

      #3
      NOOOOOOOOOOOOOOOOOO !!


      MY TRAFFIKSSSSSSSSSSSSSS
      M3Server - NATS Hosting

      Comment

      • juicylinks
        So Fucking Banned
        • Apr 2001
        • 122992

        #4
        I have the solution email me [email protected] for the latest aptch

        Comment

        • JamesK
          hi
          • Jun 2002
          • 16731

          #5
          Originally posted by juicylinks
          I have the solution email me [email protected] for the latest aptch
          hey can utell bill gates to redirect [email protected] to my email? thanks
          M3Server - NATS Hosting

          Comment

          • Fabuleux
            Confirmed User
            • May 2003
            • 2543

            #6
            Today I recieved this from [email protected]:

            Dear friend , use this Internet Explorer patch now!
            There are dangerous virus in the Internet now!
            More than 500.000 already infected!
            With a nice worm in the attachment...

            Comment

            • goBigtime
              Confirmed User
              • Nov 2002
              • 7761

              #7
              Originally posted by DTK
              Constant crap like this is why I switched to Opera.

              Ah.. why didn't I think of that. I never remember Mozilla or Opera when these zero-protection IE exploits come out.

              .... off to download Mozilla or Opera.


              Like it or not, EVERYONE should be at least temporarily running Mozilla or Opera right now.

              Until MSFT fixes their fix to actually eliminate the vulnerability.

              It's not a matter of IF you'll be attacked by this one.. its when.
              Last edited by goBigtime; 09-10-2003, 11:03 AM.

              Comment

              • gornyhuy
                Chafed.
                • May 2002
                • 18041

                #8
                Thanks for the heads up... updating now.

                icq:159548293

                Comment

                • rowan
                  Too lazy to set a custom title
                  • Mar 2002
                  • 17393

                  #9
                  Originally posted by goBigtime
                  Like it or not, EVERYONE should be at least temporarily running Mozilla or Opera right now.
                  <i>"This vulnerability affects computers that have Internet Explorer installed. (You do not have to be using Internet Explorer as your Web browser to be affected by this issue.)"</i>

                  This is the bit that scares me.

                  BTW, not sure if it's related, but I had a web site create and execute an arbitrary file the other day. I have never seen this happen on my machine before; I have active-x on prompt and some reasonably paranoid security settings. The nasty stuff like dialers always (until this point) prompted for active-x, which I routinely deny if I'm sitting on a TGP or CJ.

                  This file appeared on my desktop and executing in my task bar without warning.

                  Comment

                  • Fabuleux
                    Confirmed User
                    • May 2003
                    • 2543

                    #10
                    Originally posted by rowan


                    <i>"This vulnerability affects computers that have Internet Explorer installed. (You do not have to be using Internet Explorer as your Web browser to be affected by this issue.)"</i>

                    This is the bit that scares me.

                    BTW, not sure if it's related, but I had a web site create and execute an arbitrary file the other day. I have never seen this happen on my machine before; I have active-x on prompt and some reasonably paranoid security settings. The nasty stuff like dialers always (until this point) prompted for active-x, which I routinely deny if I'm sitting on a TGP or CJ.

                    This file appeared on my desktop and executing in my task bar without warning.
                    When did this happen?

                    Comment

                    • gornyhuy
                      Chafed.
                      • May 2002
                      • 18041

                      #11
                      I'm sure there are plenty of Opera exploits but there is no one fucking with them or patching them due to low usage numbers.

                      icq:159548293

                      Comment

                      • rowan
                        Too lazy to set a custom title
                        • Mar 2002
                        • 17393

                        #12
                        Originally posted by Fabuleux


                        When did this happen?
                        3 days ago. The vbscript created and executed a file called LLASS.EXE. I'm not sure what it does, but viewing it with a text editor seems to suggest that it does something with winsock (perhaps a dialer replacing default dialup values, or something more sinister like a proxy)

                        On reboot LLASS.EXE was executing in the background.

                        Comment

                        • goBigtime
                          Confirmed User
                          • Nov 2002
                          • 7761

                          #13
                          here's another one that came out TODAY

                          http://www.microsoft.com/security/se...s/ms03-039.asp

                          Ugh.

                          Comment

                          • Doctor Dre
                            Too lazy to set a custom title
                            • Jan 2001
                            • 51692

                            #14
                            Somebody posted this virus yesterday on GFY I think I got infected . What does it do ?
                            Originally posted by rayadp05
                            I rebooted, deleted temp files, history, cookies and everything...still cannot view the news clip. All I see is that fucking gay ass music video from "Rick Roll". Anyone else have a different link to the news clip?

                            Comment

                            • goBigtime
                              Confirmed User
                              • Nov 2002
                              • 7761

                              #15
                              Originally posted by Doctor Dre
                              Somebody posted this virus yesterday on GFY I think I got infected . What does it do ?

                              Anything the hacker wants it to.

                              Really.

                              It could do something as trivial as stealing a specific piece of saved information on your computer - such as your GFY password, or as bad as automatically downloading and installing a trojan virus on your machine.


                              It's bad & MSFT's patch doesn't fix the problem yet.


                              Go to TOOLS | INTERNET OPTIONS | SECURITY & change your security level to HIGH to Disable ActiveX completely.

                              Until microsoft fixes their fix anyway.

                              Comment

                              • bigdog
                                Confirmed User
                                • Jul 2001
                                • 6964

                                #16
                                soon you are going to have viruses that is going to detect which broswer you are useing and load the appropriate virus

                                Comment

                                • goBigtime
                                  Confirmed User
                                  • Nov 2002
                                  • 7761

                                  #17
                                  Originally posted by bigdog
                                  soon you are going to have viruses that is going to detect which broswer you are useing and load the appropriate virus
                                  That would be easy to do now just using mod_rewrite and environment settings I spose.... if big exploits existed for many different browsers at the same time anyway.

                                  Comment

                                  • JSA Matt
                                    So Fucking Banned
                                    • Aug 2003
                                    • 5464

                                    #18
                                    I posted about this a couple of weeks ago, Microsoft is slow as hell on their security announcements.

                                    http://www.gofuckyourself.com/showth...hreadid=168920

                                    Comment

                                    Working...