Autor: Marcin Piaskowski (zwirek_at_kpbm.pb.bielsko.pl)
Data: Fri 23 Aug 1996 - 17:22:52 MET DST
Slawomir Bialek wrote:
>
> Tak na zachęte, żeby odwrócić uwagę od polskich literek...
> I następni ludzie, którzy obeszli 'doskonałe zabezpieczenia firmy M$' :-)
> po autorach wirusa Hare costam. :-)
> ---------------------------------------------
>
> Date: Wed, 21 Aug 1996 13:12:59 -0400
> From: felten_at_CS.Princeton.EDU (Ed Felten)
> Subject: Internet Explorer Security Problem
>
> We have discovered a security flaw in the current version (3.0) of
> Microsoft's Internet Explorer browser running under Windows 95. An attacker
> could exploit the flaw to run any DOS command on the machine of an Explorer
> user who visits the attacker's page. For example, the attacker could read,
> modify, or delete the victim's files, or insert a virus or backdoor entrance
> into the victim's machine. We have verified our discovery by creating a Web
> page that deletes a file on the machine of any Explorer user who visits the
> page.
>
> The core of the attack is a technique for delivering a document to the
> victim's browser while bypassing the security checks that would normally be
> applied to the document. If the document is, for example, a Microsoft Word
> template, it could contain a macro that executes any DOS command.
>
> Normally, before Explorer downloads a dangerous file like a Word document,
> it displays a dialog box warning that the file might contain a virus or
> other dangerous content, and asking the user whether to abort the download
> or to proceed with the download anyway. This gives the user a chance to
> avoid the risk of a malicious document. However, our technique allows an
> attacker to deliver a document without triggering the dialog box.
>
> Microsoft has been notified and they are working on fixing the problem.
> Until a remedy is widely available, we will not disclose further details
> about the flaw.
>
> For more information, contact Ed Felten at felten_at_cs.princeton.edu or
> 609-258-5906.
>
> Dirk Balfanz and Ed Felten
> Dept. of Computer Science, Princeton University
> http://www.cs.princeton.edu/sip/
>
> ------------------------------
Czy taki sam mechanizm nie zadziała jeśli używam Netscape ?
Zakładam, że nawet gdy okienko sie pojawi, to zgadzam sie na odpalenie
aplikacji i sciagniecie pliku.
Jeszcze wirusów w *.doc'ach brakowało!
Żwirek
http://kpbm.pb.bielsko.pl/
To archiwum zostało wygenerowane przez hypermail 2.1.7 : Tue 18 May 2004 - 12:52:38 MET DST