I'm hesitant to put this out publicly; but I've drafted for my *own* use a quick and *really* dirty browser helper object I'm calling the IE Object Squasher that does one and only one thing: --Before IE displays a page it does a quick search and replace on '<object data' to '<unsafe id=' Which effectively stops this variant of the vulnerability. The source is available at http://www.jeffbryner.com/ieObjectSquasher.zip It's totally cheesy, quick and incredibly unsupported code created solely for my own use, but if you're really desperate and haven't yet switched to opera ;) you're more than welcome to it. Jeff. ----Original Message----- From: Gregg Shankle [mailto:Gregg.Shankle@private] Subject: Fwd: Message from William Pelgrin-NYS OCSCIC-Cyber Advisory:New Microsoft Internet Explorer Vulnerabilit Cyber Sector FYI from our New York partners- >>> "Morrissey, Margaret (CSCIC)" <Margaret.Morrissey@private> 10/02/03 01:27PM >>> DATE ISSUED: 10/2/03 NEW YORK STATE OFFICE OF CYBER SECURITY AND CRITICAL INFRASTRUCTURE COORDINATION CYBER ADVISORY SUBJECT: Zero-Day exploit for Internet Explorer vulnerability being used to install Trojan. OVERVIEW: Several sources report that exploits are available for a new vulnerability in Microsoft Internet Explorer (IE) which allows attackers to run malicious code on vulnerable systems. The Qhosts Trojan is actively exploiting one of these vulnerabilities to hijack browser sessions by reconfiguring the DNS configuration on infected systems. Note that Microsoft has not yet issued a patch for this vulnerability.
This archive was generated by hypermail 2b30 : Sat Oct 04 2003 - 20:36:54 PDT