Re: MSIE 6/7/8 unpatched vulnerability confirmed

[Juha-Matti Laurio <juha-matti.laurio () netti fi>]

F-Secure's Hyppönen said they were wrong:
"Updated to add: We were wrong, the attack was done with an IE 0-day attack instead."

http://www.f-secure.com/weblog/archives/00001854.html

And
http://blogs.adobe.com/conversations/2010/01/idefense_putting_speculations.html

http://blogs.verisign.com/idefense/

Juha-Matti

Larry Seltzer [larry () larryseltzer com] kirjoitti: 
> What I want to know about this incident is why some (F-Secure and especially iDefense) were claiming with confidence 
> yesterday that a PDF with the most recent exploit was the main attack vector. Now Adobe and McAfee are saying there's 
> no actual evidence a PDF was involved. I have a lot of links in here:
>
> http://blogs.pcmag.com/securitywatch/2010/01/new_ie_0-day_not_acrobat_named.php
>
> McAfee appears to be the original identifiers of the IE 0-day. iDefense, on the other hand, seems to have gotten 
> their information at least partly from "sources in the defense contracting and intelligence consulting community": 
> http://arstechnica.com/security/news/2010/01/researchers-identify-command-servers-behind-google-attack.ars
>
> Lots more links, especially McAfee links, here: 
> http://extraexploit.blogspot.com/2010/01/iexplorer-0day-cve-2010-0249.html
>
> Larry Seltzer
> Contributing Editor, PC Magazine
> larry_seltzer () ziffdavis com 
> http://blogs.pcmag.com/securitywatch/



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.