Full Disclosure mailing list archives

Re: Spyware installs with no interaction in IE on fully patchedXP SP2 box

From: "Willem Koenings" <isec () europe com>
Date: Mon, 04 Oct 2004 10:40:39 -0500

hi,

I was unable to verify it, since I don't use IE, and would prefer not 
infecting myself on accident, however I did run across this: 

http://themexp.org/about_wrap.php 

Perhaps one of the themes you downloaded was bundled with the spyware?


two tiny links from there: 

http://WWW.addictivetechnologies.net/dm0/js/Confirm80wu03rd.js 
http://www.addictivetechnologies.net/DM0/cab/ATPartners.cab


btw, old trusty IE 5.01 + manually configured security settings =
no problem at all. either XP+SP2 broke seriously something in IE
or Geraldo Rivera has just poorly configured internet setting.

W.
-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Spyware installs with no interaction in IE on fully patchedXP SP2 box Willem Koenings (Oct 04)
- XSS in "Spyware installs with no interaction in IE on fully patchedXP SP2 box" jamie fisher (Oct 04)