Skip Duckwall wrote:
>
> Since it's a phishing email, I'm sure the exploit they're referring to
> is the one that exploits the compiled help files (.chm files), even
> though it's not exactly new... Although the way the hostile chm files
> are executed without user intervention has been patched
Since it's a phishing email, I'm sure the exploit they're referring to is
the one that exploits the compiled help files (.chm files), even though
it's not exactly new... Although the way the hostile chm files are
executed without user intervention has been patched (the MS-ITS
vulnerability in MS04
[mailto:[EMAIL PROTECTED] On Behalf Of
> morning_wood
> Sent: 01 June 2004 11:17
> To: m g; [EMAIL PROTECTED]
> Subject: Re: [Full-Disclosure] Beware of 'IBM laptop order' email
>
> http://www.f-secure.com/v-descs/wallon.shtml
>
>
> > Last week on the si
http://www.f-secure.com/v-descs/wallon.shtml
> Last week on the site of 'The Register' an article was published about
> spam-mail that used an unknown 'zero-day' vulnerability in IE. They did not
> release any information about the zero-day issue, so perhaps anyone on the
> list knows anything