Comments on: Unpatched Drive-By Exploit Found on the Web (Follow-Up) http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up Tue, 29 Nov 2011 07:51:20 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Hippocrat http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-2#comment-8865 Hippocrat Tue, 23 Jun 2009 17:40:57 +0000 http://www.labs.com/research/blog/?p=233#comment-8865 People should get it that although the easiest attack method would be html( email, web, memory card, etc ) the attack is not restricted to that distribution mechanism. People should get it that although the easiest attack method would be html( email, web, memory card, etc ) the attack is not restricted to that distribution mechanism.

]]> By: Registry Cleaner http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-2#comment-8864 Registry Cleaner Thu, 05 Feb 2009 06:25:07 +0000 http://www.labs.com/research/blog/?p=233#comment-8864 People should get it that although the easiest attack method would be html( email, web, memory card, etc ) the attack is not restricted to that distribution mechanism. People should get it that although the easiest attack method would be html( email, web, memory card, etc ) the attack is not restricted to that distribution mechanism.

]]> By: Template http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-2#comment-8861 Template Sun, 24 Feb 2008 14:17:58 +0000 http://www.labs.com/research/blog/?p=233#comment-8861 One of the many disadvantages of every new Windows edition is the fact that the operating system becomes more and more bloated. Microsoft adds new features to Windows which could then be used to exploit the system. Instead of concentrating on fast efficient systems they produce heavy systems that look shiny but have problems under the surface. Recently a vulnerability in Windows Animated Cursor Handling was discovered. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker One of the many disadvantages of every new Windows edition is the fact that the operating system becomes more and more bloated. Microsoft adds new features to Windows which could then be used to exploit the system. Instead of concentrating on fast efficient systems they produce heavy systems that look shiny but have problems under the surface. Recently a vulnerability in Windows Animated Cursor Handling was discovered. In order for this attack to be carried out, a user must either visit a Web site that contains a Web page that is used to exploit the vulnerability or view a specially crafted e-mail message or email attachment sent to them by an attacker

]]> By: Alan Litchfield http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-2#comment-8858 Alan Litchfield Fri, 16 Nov 2007 00:49:24 +0000 http://www.labs.com/research/blog/?p=233#comment-8858 I am running XP - SP2 and am experiencing a similar problem. I had a trojan try to come in on an attachment which my antivirus caught. However, almost immediately, Windows Explorer began crashing and restarting, recycling about every 20 seconds. I have run several antivirus programs, Adaware, Spybot, and other registry checkers. All came up clear. I also copied in an "explorer.exe" from an unaffected computer. Nothing has fixed my problem. Any suggestions? I am running XP – SP2 and am experiencing a similar problem. I had a trojan try to come in on an attachment which my antivirus caught. However, almost immediately, Windows Explorer began crashing and restarting, recycling about every 20 seconds. I have run several antivirus programs, Adaware, Spybot, and other registry checkers. All came up clear. I also copied in an “explorer.exe” from an unaffected computer. Nothing has fixed my problem. Any suggestions?

]]> By: Carmel Lisciotto http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-2#comment-8857 Carmel Lisciotto Sun, 10 Jun 2007 12:28:17 +0000 http://www.labs.com/research/blog/?p=233#comment-8857 An informative update. I will pass this along. Carmelo Lisciotto An informative update.

I will pass this along.

Carmelo Lisciotto

]]> By: macewan http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-2#comment-8856 macewan Tue, 24 Apr 2007 19:21:46 +0000 http://www.labs.com/research/blog/?p=233#comment-8856 @zezitinho, check out milw0rm cheers @zezitinho, check out milw0rm

cheers

]]> By: Mike_from_mm http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-1#comment-8855 Mike_from_mm Mon, 23 Apr 2007 16:52:03 +0000 http://www.labs.com/research/blog/?p=233#comment-8855 Hi Smoke:d I Just Tried it and It's also not working on Win Vista:d Strange... But Wft do I care... will you ever make a folder called 'com'? just call it comm:d:p bye... Hi Smoke:d
I Just Tried it and It’s also not working on Win Vista:d Strange…
But Wft do I care… will you ever make a folder called ‘com’? just call it comm:d:p
bye…

]]> By: smoke http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-1#comment-8854 smoke Wed, 11 Apr 2007 09:04:37 +0000 http://www.labs.com/research/blog/?p=233#comment-8854 Hi Guys: Just wanted to add something for the readers about Windows strange behaivor, try on your desktop to create a new folder and rename it to con or Con or CON , it will never make it, I have tried this on WinXP but not on vista, if the same thing happens on vista please let me know, Thanks Hi Guys:

Just wanted to add something for the readers about Windows strange behaivor, try on your desktop to create a new folder and rename it to con or Con or CON , it will never make it, I have tried this on WinXP but not on vista, if the same thing happens on vista please let me know, Thanks

]]> By: zezitinho http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-1#comment-8850 zezitinho Wed, 04 Apr 2007 13:15:16 +0000 http://www.labs.com/research/blog/?p=233#comment-8850 I want to test this malicious ANI file, where can I find this? Thanks I want to test this malicious ANI file, where can I find this? Thanks

]]> By: dave http://blogs.mcafee.com/mcafee-labs/unpatched-drive-by-exploit-found-on-the-web-follow-up/comment-page-1#comment-8848 dave Tue, 03 Apr 2007 07:26:20 +0000 http://www.labs.com/research/blog/?p=233#comment-8848 This is a short flash video of exploiting the ANI vulnerability on Windows Vista. The exploit works against both Internet Explorer 7 and Mozilla Firefox 2.0. http://determina.blogspot.com/2007/04/exploiting-vista-with-ani.html This is a short flash video of exploiting the ANI vulnerability on Windows Vista. The exploit works against both Internet Explorer 7 and Mozilla Firefox 2.0.

http://determina.blogspot.com/2007/04/exploiting-vista-with-ani.html

]]>