Full Disclosure mailing list archives
Re: Mystery DNS Changes
From: Joe Stewart <jstewart () lurhq com>
Date: Thu, 2 Oct 2003 09:23:46 -0400
On Thursday 02 October 2003 08:31 am, Randal, Phil wrote:
NAI has this as QHosts-1, and says MS03-032 does NOT protect against it:
F-Secure named this trojan "Delude" days ago. NAI's QHosts-1 is just a variant. It is well known that MS0-032 is not 100% effective, so definately no one should think they are immune to this or any other hostile object tags just because they have that patch. Everyone running IE should disable active scripting if they want to avoid these little surprises. -Joe -- Joe Stewart, GCIH Senior Security Researcher LURHQ Corporation http://www.lurhq.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Mystery DNS Changes, (continued)
- RE: Mystery DNS Changes Harris, Michael C. (Oct 01)
- Re: Mystery DNS Changes Paul Tinsley (Oct 01)
- Re: [Snort-sigs] Re: Mystery DNS Changes Paul Tinsley (Oct 02)
- Re: [Snort-sigs] Re: Mystery DNS Changes Paul Schmehl (Oct 03)
- Re: [Snort-sigs] Re: Mystery DNS Changes Paul Tinsley (Oct 03)
- Re: [Snort-sigs] Re: Mystery DNS Changes Paul Schmehl (Oct 03)
- Re: Mystery DNS Changes Paul Tinsley (Oct 01)
- RE: Mystery DNS Changes Harris, Michael C. (Oct 01)
- RE: Mystery DNS Changes Kurt (Oct 02)
- Re: Mystery DNS Changes Joe Stewart (Oct 02)
- Re: Mystery DNS Changes Paul Tinsley (Oct 02)
- Re: Mystery DNS Changes KF (Oct 02)
- RE: Mystery DNS Changes Paul Schmehl (Oct 03)
- RE: Mystery DNS Changes Nick FitzGerald (Oct 03)