Full Disclosure mailing list archives
Re: How often are IE security holes exploited?
From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 12 Dec 2002 14:50:54 -0800
Richard M. Smith wrote:
Has anyone ever looked into how often security holes in Internet Explorer are actually used in viruses, worms, Trojan horses, and other malware? My sense is that very few of them are actually used in thewild.
Define "how often". It's either every day, or somewhere around 1 in 30 vulnerabilities. :)
The KaK and Klez worms both use IE security holes to do their dirty work, but most other Windows viruses seem to rely on social engineering and standard features of Microsoft products. If folks know of other malware that make use of IE security holes, please let me know. I'm putting together a little list.
Nimda. There must be a few more as well. I still constantly get email that tries to use various IE exploits, and I don't believe they're all Nimda, Kak, and Klez.
BB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- How often are IE security holes exploited? Richard M. Smith (Dec 12)
- Re: How often are IE security holes exploited? Blue Boar (Dec 12)
- Re: How often are IE security holes exploited? zeno (Dec 12)
- Re: How often are IE security holes exploited? Nick FitzGerald (Dec 12)
- Re: How often are IE security holes exploited? Blue Boar (Dec 13)
- <Possible follow-ups>
- RE: How often are IE security holes exploited? Schmehl, Paul L (Dec 12)
- RE: How often are IE security holes exploited? Richard M. Smith (Dec 12)
- RE: How often are IE security holes exploited? Nick FitzGerald (Dec 13)
- RE: How often are IE security holes exploited? Richard M. Smith (Dec 12)
- Re: How often are IE security holes exploited? gobbbles (Dec 13)
- RE: How often are IE security holes exploited? Schmehl, Paul L (Dec 13)
- Re: How often are IE security holes exploited? Blue Boar (Dec 12)