On Thu, Feb 14, 2002 at 04:12:15AM -0000, Bill Schalck wrote: > > In-Reply-To: <1013605797.17116.27.camelat_private> > > The details at our office were different. The message > was “URGENT: Go to this web site > www.rjdesigns.co.uk/cool/” (or something very close > to that). The strange thing is that this user SWEARS > that he never clicked on the link but our logs show his > computer attempted to access that web site. Luckily > the site was down, possibly couldn’t handle the load. > Does anyone know of an exploit that combined with > the MSN exploit could redirect to a web site without > the users knowledge or action? > > I'm concerned that eventually someone "smart" is > going to build a nimda like cocktail of MSN, IE and > other exploits that will spread faster than any virus > we’ve seen yet. Can anyone say ARIS ThreatCon 4? Well it certainly is not inconceivable that someone will do the equivalent of mouse-over triggers and release a plague.. :-{ iThat is if they are not doing that already. Pick a technology that is mouse over interactive and there is potential issues. Best Regards, dreamwvrat_private ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Feb 14 2002 - 09:24:06 PST