Skip Duckwall wrote: > > Since it's a phishing email, I'm sure the exploit they're referring to > is the one that exploits the compiled help files (.chm files), even > though it's not exactly new... Although the way the hostile chm files > are executed without user intervention has been patched (the MS-ITS > vulnerability in MS04-013 I believe...) > > This type of phishing scam isn't really all that new and you can find > all sorts of writeups using google. <snip> > > just my guess....
Good guess ... http://groups.google.com/groups?threadm=1085148506.86377.0%40despina.uk.clara.net Regards, Axel Pettinger _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
