[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Mystery DNS Changes

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Mystery DNS Changes
From: Joe Stewart <jstewart@lurhq.com>
Date: Thu, 2 Oct 2003 09:23:46 -0400

On Thursday 02 October 2003 08:31 am, Randal, Phil wrote:
> NAI has this as QHosts-1, and says MS03-032 does NOT protect against
> it:

F-Secure named this trojan "Delude" days ago. NAI's QHosts-1 is just a 
variant. It is well known that MS0-032 is not 100% effective, so 
definately no one should think they are immune to this or any other 
hostile object tags just because they have that patch. Everyone running 
IE should disable active scripting if they want to avoid these little 
surprises.

-Joe

-- 
Joe Stewart, GCIH 
Senior Security Researcher
LURHQ Corporation
http://www.lurhq.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- RE: [Full-Disclosure] Mystery DNS Changes
  - From: "Randal, Phil" <prandal@herefordshire.gov.uk>

Prev by Date: RE: [Full-Disclosure] Mystery DNS Changes
Next by Date: [Full-Disclosure] Re: Asynchronous, industry-wide virus naming scheme proposed
Previous by thread: Re: [Full-Disclosure] Mystery DNS Changes
Next by thread: RE: [Full-Disclosure] Mystery DNS Changes
Index(es):
- Date
- Thread