RE: MSIE 5.5/6 Q312461 patch disclose patch information

["SCG - Network Administrator" <admin () scg gliwice pl>]

>   IE 6:
>     Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Q312461)
>   IE 5.5 SP2:
>     Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0; T312461)
>
>   You can find vulnerable IE 5.5/6 very easily...

I can confirm that also with:

         Windows NT4 SP6a + Q299444i + IE 5.5 SP2 (and 6.0) + Q312461 - all polish
         Windows 2000 SP2 + IE 6.0 +312461 - all polish

This could be used to do a selective, web-based attack against IE, but can
be also hidden very easily.
You can modify the UserAgent setting via registry or a web-proxy (like
squid).

I wouldn't see it as a big security threat.
Would you?

--
Lukasz 'ptashek' Szmit