IE Exploit Email. The Storm Center has received several reports of a hostile email that contains a link (not an attachment) that points to code exploiting the recently announced Internet Explorer vulnerabilities. The email has text similar to this:
To see details please click this 'link'
Thank you for using PayPal.
Clicking on the embedded link points the victim to a previously infected computer, downloads the exploit code, and infects the victim if the victim is using Internet Explorer on any Windows platform other than WinXP SP2. No patches are available (yet) from Microsoft. If today's Microsoft bulletins address this issue we will update this diary entry. The best mitigation is to avoid using Internet Explorer until patches are available. Take a look at Firefox from the Mozilla project team as an optional browser. Version 1.0 was released today.
DNS Vulnerability. The United Kingdom's National Infrastructure Security Co-ordination Centre (NISCC) published a bulletin today about vulnerabilities in various DNS implementations. Please note that ISC-BIND is not vulnerable to this issue. If successfully exploited, an attacker could cause a denial of service condition on a DNS server. Details are at http://www.uniras.gov.uk/vuls/2004/758884/index.htm
Microsoft "Patch Day" Today. Today is the second Tuesday of the month. Right on schedule, Microsoft published their monthly security summary: http://www.microsoft.com/technet/security/bulletin/ms04-nov.mspx
There is only one issue listed: MS04-039 Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing (888258). The issue is rated IMPORTANT by Microsoft and only affects this software:
Microsoft Internet Security and Acceleration Server 2000 SP 1 and 2
Microsoft Small Business Server 2000 (includes Microsoft Internet Security and Acceleration Server 2000)
Microsoft Small Business Server 2003 Premium Edition (includes Microsoft Internet Security and Acceleration Server 2000)
Microsoft Proxy Server 2.0 Service Pack 1
Unfortunately there is no mention of the new vulnerabilities in Internet Explorer. Stay tuned...
Marcus H. Sachs
Handler on Duty
Nov 9th 2004
1 decade ago