Re: MSIE 6/7/8 unpatched vulnerability confirmed

[Paul Ferguson <fergdawgster () gmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Jan 20, 2010 at 2:20 PM, Juha-Matti Laurio
<juha-matti.laurio () netti fi> wrote:

> F-Secure's Hyppönen said they were wrong:
> "Updated to add: We were wrong, the attack was done with an IE 0-day
> attack instead."
>
> http://www.f-secure.com/weblog/archives/00001854.html
>
> And
> http://blogs.adobe.com/conversations/2010/01/idefense_putting_speculation
> s.html
>
> http://blogs.verisign.com/idefense/
>
> Juha-Matti

I've got to agree with Joe Stewart here:

"Stewart also said that he believes some of the companies compromised in
this set of attacks may have been hit with exploits other than the Internet
Explorer zero day that Microsoft is planning to fix with an emergency patch
on Thursday."

http://threatpost.com/en_us/blogs/aurora-attack-malware-components-may-be-f
our-years-old-012010

While it may be true that Google, Adobe, et al., may have been exploited by
the IE 0-Day, it is clearly evident to me that other organizations were
targeted with malicious PDFs.

$.02,

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFLV4NYq1pz9mNUZTMRAmWqAJ0XHLKjKMCaHLs0Guv4wNDfAuerCgCgydEs
OKfH5VzKuz/a+MmSbUbGOVE=
=majC
-----END PGP SIGNATURE-----

-- 
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawgster(at)gmail.com
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.