Full Disclosure mailing list archives
Re: 3 new MS patches next week... but none fix 0x01!
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Sun, 11 Jan 2004 12:55:55 +1300
"Exibar" <exibar () thelair com> wrote:

> What's going on over at Microsoft anyway? They're releasing 3 new patches next week, but are planned to take care of the "0x01" vulnerability in IE.

^ | As it is now clear that you meant to include the word "none" in there...

> I'm one of Microsoft's defenders, and I'm starting to get a little confused and upset at what they're doing. Heck if 3rd parties can write a fix for the darned thing, why the heck can't Microsoft???? What are they thinking over there? Oh, I guess they are waiting for a large client to get scammed by a scam e-mail and then wait for that client to complain. Money really does talk I guess.... it's a shame

OK -- is HSBC bank a large enough client of Microsoft's??

A few days ago (7 Jan) there was a huge spam run phishing for HSBC customer details. That spam used a version of the URL spoofing trick based on a long string of percent-zero-one URL-encoded chars (you have to be careful with writing that literally now as several spam filters and some virus scanners' heuristics specifically look for those strings, literal 0x00, 0x01 and similar characters and various other forms of encoding of them that are valid in HTML, etc...).

Anyway, back to the HSBC spam -- I've seen a report of a single filter intercepting close to 150,000 of those messages and several other informal reports of "large numbers" of other spam employing these URL obscuring tricks (though the HSBC one is the only one using it I've noticed arriving in my personal Email).

--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
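
The filter-side check mentioned in the message above, as an added example that is not part of the original post: it flags links whose URL carries a control character in literal form, as an HTML numeric character reference, or percent-encoded. The sample body, host names and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample mail body; every host name here is a placeholder.
SAMPLE = (
    '<a href="http://one.example/a%20b?x=1&amp;y=2">benign</a>\n'
    '<a href="http://two.example%01%01%01/">percent-encoded</a>\n'
    '<a href="http://three.example\x01/">literal byte</a>\n'
    "<a href='http://four.example&#1;/'>decimal entity</a>\n"
    '<a href=http://five.example&#x01;/>hex entity</a>\n'
)

HREF = re.compile(r'''href\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))''', re.I)
ENTITY = re.compile(r'&#(?:x([0-9a-f]+)|([0-9]+));?', re.I)
# C0 controls and DEL. TAB, LF and CR are left out (an assumption made here
# to avoid flagging links that a mail client merely line-wrapped).
CTRL = re.compile(r'[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]')

def decode_entities(s):
    """Resolve numeric character references without dropping control chars
    (html.unescape() discards or replaces them, which would hide the hit)."""
    def repl(m):
        cp = int(m.group(1), 16) if m.group(1) else int(m.group(2))
        # Anything from the surrogate range upward is irrelevant to this check.
        return chr(cp) if cp < 0xD800 else '\ufffd'
    return ENTITY.sub(repl, s)

def control_layer(raw):
    """Name the decoding layer at which a control character shows up."""
    if CTRL.search(raw):
        return 'literal'
    html_decoded = decode_entities(raw)          # what the HTML parser yields
    if CTRL.search(html_decoded):
        return 'html-entity'
    if CTRL.search(unquote(html_decoded, encoding='latin-1')):
        return 'percent-encoded'
    return None

def scan(body):
    """Return [(raw_href, layer)] for each link hiding a control character."""
    hits = []
    for m in HREF.finditer(body):
        raw = next(g for g in m.groups() if g is not None)
        layer = control_layer(raw)
        if layer:
            hits.append((raw, layer))
    return hits

if __name__ == '__main__':
    for href, layer in scan(SAMPLE):
        print(f'{layer:16} {href!r}')
```

Entities are resolved before percent-decoding because that is the order in which an HTML attribute value becomes a URL, so a percent sign written as `&#37;` is still caught at the percent-decoding step.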