Full Disclosure mailing list archives
RE: How often are IE security holes exploited?
From: "Schmehl, Paul L" <pauls () utdallas edu>
Date: Thu, 12 Dec 2002 16:30:56 -0600
You're going to have to define what you mean by that. The IE engine is used in a lot of things. For example, Outlook Express uses it to display HTML email. So, Kak, Klez, Yaha, Braid, Frethem, etc., etc., all use weaknesses in IE *in* OE to run. Just about any VBS virus would qualify, depending on how you want to define "IE" *(Loveletter, Bubbleboy, Anna Kournikova, VBS/You-name-it, etc.), JS/Seeker, JS/Coolsite, etc., etc. Anything that uses the Windows Scripting Host and the preview pane could be said to be using IE, because it's the engine behind the scenes that makes it all possible. The most common one is "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability (MS01-020)" which is used in a bunch of viruses/worms - Bugbear, Braid, Shoho, Exploit-MIME.gen, Gop, Yaha, Klez, Holar, Hobbit, Apix, Paul Schmehl (pauls () utdallas edu) TCS Department Coordinator The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu/~pauls/
-----Original Message----- From: Richard M. Smith [mailto:rms () computerbytesman com] Sent: Thursday, December 12, 2002 3:33 PM To: full-disclosure () lists netsys com; rms () computerbytesman com Subject: [Full-disclosure] How often are IE security holes exploited? Hi, Has anyone ever looked into how often security holes in Internet Explorer are actually used in viruses, worms, Trojan horses, and other malware? My sense is that very few of them are actually used in the wild. The KaK and Klez worms both use IE security holes to do their dirty work, but most other Windows viruses seem to rely on social engineering and standard features of Microsoft products.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- How often are IE security holes exploited? Richard M. Smith (Dec 12)
- Re: How often are IE security holes exploited? Blue Boar (Dec 12)
- Re: How often are IE security holes exploited? zeno (Dec 12)
- Re: How often are IE security holes exploited? Nick FitzGerald (Dec 12)
- Re: How often are IE security holes exploited? Blue Boar (Dec 13)
- <Possible follow-ups>
- RE: How often are IE security holes exploited? Schmehl, Paul L (Dec 12)
- RE: How often are IE security holes exploited? Richard M. Smith (Dec 12)
- RE: How often are IE security holes exploited? Nick FitzGerald (Dec 13)
- RE: How often are IE security holes exploited? Richard M. Smith (Dec 12)
- Re: How often are IE security holes exploited? gobbbles (Dec 13)
- RE: How often are IE security holes exploited? Schmehl, Paul L (Dec 13)
- Re: How often are IE security holes exploited? Blue Boar (Dec 12)