Fwd: Please post this anonymously (without my email-address and such)

[Blue Boar <BlueBoar () thievco com>]

> A few of my co-workers and I were just discussing the new error reporting
> functions of Internet Explorer, and we came up with a nasty idea for a virus
> utilizing that function as a method of causing a DoS.  The idea is to write
> a virus that propagates through email (nothing new here) and exploits
> Outlook and Outlook Express to achieve that propagation.  This virus would
> essentially cause the autopreview pane of Outlook to open viewing some type
> of HTML/ASP, etc in a way that would cause IE to crash when attempting to
> sort it.  At that point, with the more recent releases of IE, there would be
> an automatic initiation of debug data sent to Microsoft, through using DNS
> to resolve.
>
> Obvious effects would be a likely DoS on business networks and on
> Microsoft's debug servers.  Other effects could include difficulty in
> reaching and downloading patches for the vulnerabilities in the software (if
> Microsoft patch servers are utilizing the same WAN link as the debug
> servers), as well as possible effects upon DNS servers, especially at
> Microsoft.  In addition, as has already been talked about, an enormous
> amount of private information possibly stored on the debugs would be
> forwarded as well.  I would imagine that this type of virus could also
> effect other kinds of "bugzilla" services.
>
> Just a thought...