Problems with MSIE 1. Too many vulnerabilities 2. Too closely tied to OS, thereby making OS more vulnerable 3. 34 (at last count) unpatched vulnerabilities, reference http://umbrella.name/originalvuln/msie/ 4. Taking their time in fixing/patching vulnerabilities.
By themselves, they are not a reason to dump IE at the corporate level. But taken all together, CIOs should really consider the safety of their network with users running IE. The mozilla folks are at least promptly fix vulnerabilities, not to mention the fact that Mozilla/Firefox have had far less vulnerabilities and does not lock itself into the OS kernel. My $0.02 Edward W. Ray -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles Sent: Wednesday, July 14, 2004 11:20 AM To: 'Ferruh Mavituna'; 'L33tPrincess'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC Once again, they are trying to patch the attack vector used instead of the core IE problem itself (which is directly related to it being tied into the OS level). I was once very pro-microsoft SMS Admin for my company but it is getting out of hand. If you patch a hole, instead of a vector, then L33tPrincess wouldn't be able to add a couple of lines to the code and change the vector to make the exploit workable in like 10 mins. It is like they are throwing the media and the mass public trash "fix" to make them happy while people like us shake our heads at what the public doesn't know. The multiple patches for the same problem with different MS numbers, it is a sad thing. -----Original Message----- From: Ferruh Mavituna [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 14, 2004 1:15 PM To: 'Todd Towles'; 'L33tPrincess'; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC The fun is MS says we fixed "shell" but it's still active for me. Ferruh.Mavituna http://ferruh.mavituna.com PGPKey : http://ferruh.mavituna.com/PGPKey.asc > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:full-disclosure- > [EMAIL PROTECTED] On Behalf Of Todd Towles > Sent: Wednesday, July 14, 2004 6:18 PM > To: 'L33tPrincess'; [EMAIL PROTECTED]; full- > [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] Re: IE Shell URI Download and Execute, > POC > > Depends on how Microsoft fixed IE. If they did the same thing as the > ADODB patch from last week and just focused on the Shell.Application > variant instead of the code IE problem, then it won't stop this WSH > variant by L33tPrincess. Which I must say is a sweet name. =) > > > > > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:full-disclosure- > [EMAIL PROTECTED] On Behalf Of L33tPrincess > Sent: Tuesday, July 13, 2004 9:34 PM > To: [EMAIL PROTECTED]; [EMAIL PROTECTED] > Subject: [Full-Disclosure] Re: IE Shell URI Download and Execute, POC > > > > Ferruh, > > Is this a new variant (wscript.shell)? Is the vulnerability mitigated > by today's Microsoft patch? > > > > > > > > Hello; > > Code is based on http://www.securityfocus.com/archive/1/367878 (POC by > Jelmer) message. I just added a new feature "download" and then > execute application. Also I use Wscript.Shell in Javascript instead of > Shell.Application. > > ________________________________ > > Do you Yahoo!? > New and Improved Yahoo! Mail > <http://us.rd.yahoo.com/mail_us/taglines/100/*http:/promotions.yahoo.c > om/n ew_mail/static/efficiency.html> - 100MB free storage! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
