Re: Re: [Security] Critical vulnerability in IE -- Exploited machines detected on campus

From: Sean Frye <sean_frye_at_berkeley.edu>
Date: Wed Mar 29 2006 - 13:41:38 PST

Thanks Gary. It's good to know that the security software UCB provides
can help mitigate the potential danger of this new exploit.

-Sean

Gary Lum wrote:
> On a related note, the major AV companies have released updated
> definitions that include heuristic detection to catch the latest
> vulnerability
>
> http://securityresponse.symantec.com/avcenter/venc/data/bloodhound.exploit.61.html
>
>
> the complete list is here, under FAQ's
> http://www.microsoft.com/technet/security/advisory/917077.mspx
>
> I wouldn't place all my eggs in one basket, but it's one more hoop an
> exploit would have to jump thru.
>
> On 3/29/2006 11:12 AM, Sean Frye wrote:
>> Does this mean that there are machines on campus that have been
>> compromised specifically by this new attack vector? If so, how is
>> that detected, and can other admins on campus use that detection
>> mechanism on the networks they oversee? Thanks in advance.
>>
>> -Sean
>>
>> Allison Henry wrote:
>>
>>> A vulnerability has been discovered in Microsoft Internet Explorer,
>>> which can be exploited by malicious people to compromise a user's
>>> system. A computer running a vulnerable version of Internet Explorer
>>> (5.01 SP4 or any version 6) can be exploited when the user visits a
>>> malicious website containing the exploit code. Such websites are
>>> currently out on the Internet and SNS has seen computers on the UC
>>> Berkeley network that have been exploited. Currently there is no patch
>>> for this vulnerability.
>>>
>>> To avoid becoming compromised, SNS advises using extra caution when
>>> visiting websites. Avoid websites from untrusted parties and use
>>> extreme caution when following web links in email -- make sure you
>>> trust the URL and "cut-and-paste" rather than clicking on the link.
>>> For extra protection, you can set your Internet Explorer security
>>> zone settings to "High" or disable Active Scripting (read the
>>> Microsoft advisory for more information on how to do this).
>>>
>>> Read the Microsoft Advisory for more information:
>>> http://www.microsoft.com/technet/security/advisory/917077.mspx
>>>
>>> Please pass this information along to campus users and others who
>>> may be affected by this vulnerability.
>>>
>>>
>>
>>
>> ------------------------------------------------------------------------
>> The following was automatically added to this message by the list server:
>>
>> For information about Micronet, including subscribing to
>> or unsubscribing from its mailing list and finding out
>> about upcoming meetings, please visit the Micronet Web site:
>> <http://micronet.berkeley.edu/>.

Received on Wed Mar 29 13:45:04 2006

This archive was generated by hypermail 2.1.8 : Wed Mar 29 2006 - 13:45:06 PST