Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on Bofra exploit hits The Register ad serving supplier

From: David Farber <dave () farber net>
Date: Wed, 24 Nov 2004 09:44:15 -0500


Begin forwarded message:

From: Ben Edelman <edelman () law harvard edu>
Date: November 23, 2004 6:16:21 PM EST
To: dave () farber net
Subject: RE: [IP] Bofra exploit hits The Register ad serving supplier

Dave,
For an example of how badly this IFRAME exploit can paralyze a computer, see the video I made last week. I show 16+ spyware programs installed without a single notice to the user (nor request for consent from the user). Programs installed include software from 180solutions, BargainBuddy, TopMoxie, and 
lots more.

  "Who Profits from Security Holes?"
  <http://www.benedelman.org/news/111804-1.html>


Ben


-----Original Message-----
From: owner-ip () v2 listbox com [mailto:owner-ip () v2 listbox com] On Behalf Of 
David Farber
Sent: Tuesday, November 23, 2004 5:29 PM
To: Ip
Subject: [IP] Bofra exploit hits The Register ad serving supplier




Begin forwarded message:

From: Monty Solomon <monty () roscom com>
Date: November 23, 2004 9:20:27 AM EST
To: undisclosed-recipient:;
Subject: Bofra exploit hits The Register ad serving supplier

http://www.theregister.co.uk/2004/11/21/register_adserver_attack/


Bofra exploit hits our ad serving supplier
By Team Register
Published Sunday 21st November 2004 16:18 GMT

Important notice
Early on Saturday morning some banner advertising served for The Register by third party ad serving company Falk AG became infected with the Bofra/IFrame exploit. The Register suspended ad serving by this company on discovery of 
the problem.

Bofra/IFrame is a currently unpatched exploit which affects Internet
Explorer 6.0 on all Windows platforms bar Windows XP SP2. If you may have visited The Register between 6am and 12.30pm GMT on Saturday, Nov 20 using any Windows platform bar XP SP2 we strongly advise you to check your machine 
with up to date anti-virus software, to install SP2 if you are running
Windows XP, and to strongly consider running an alternative browser, at
least until Microsoft deals with the issue.

We have asked Falk for an explanation and for further details of the
incident, and pending this we do not intend to restart ad-serving via the 
company. Falk will, we understand, be making a statement regarding the
matter on Monday.
Although the matter was beyond our direct control, we do not regard it as acceptable for any Register reader to be exposed in this way, and wish to 
apologise sincerely to anyone who was. Further information about this
particular exploit is available here or here.

http://www.theregister.co.uk/2004/11/04/ie_iframe_vuln/

http://www.theregister.co.uk/2004/11/10/bofra_worm/

-------------------------------------
You are subscribed as edelman () law harvard edu
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/ 

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: