Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-11-21 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Bofra/IFrame Exploits Update

Published: 2004-11-21
Last Updated: 2004-11-21 19:29:17 UTC
by Tony Carothers (Version: 1)
0 comment(s)
Update on Bofra/IFrame Exploits

We are still in the process of notifying sites that are hosting the exploit. We still encourage users to consider using another browser, other than IE6, until a patch for this is released by Microsoft. Windows XP SP2 is reported as not being vulnerable, and to this point we have nothing contrary.


Joe Stewart has an excellent writeup of the IFRAMES exploit, and should be read by users and admins both. Excellent piece of work, thank you Joe.



http://www.lurhq.com/iframeads.html

Tony Carothers

Handler on Duty

(With help from Patrick Nolan to navigate through the cloud cover)
Keywords:
0 comment(s)
Diary Archives