Wednesday, 4. January 2006
Billy Wonka Redux
Revisiting my earlier post, from the MS advisory quoted in Tom Liston's ISC diary piece:
Customers who follow safe browsing best practices are not likely to be compromised by any exploitation of the WMF vulnerability. Users should take care not to visit unfamiliar or un-trusted Web sites that could potentially host the malicious code.
Some questions arising from that, if I may...
- Define safe browsing best practices please.
- Do those practices include using MSIE (rhetorical)? Not here, they don't.
- So this is a web only problem, is it? Or is email somehow in the loop too?
F-Secure can answer that last one. I have in front of me a sample of the trojan spam cited by F-Secure, trapped by a server mail rule, so this must be fairly widespread and it does indeed implement the metasploit exploit against the WMF vulnerability.
MS can lecture us all they like about safe browsing, but you just know that a fair few recipients of this little gem will be a little too curious about those cars filled with water...
Category: Viruses and Worms
Technorati: Viruses and Worms
Comments :
None yet...
Unable to post a comment? Please read this for a possible explanation...
- 
