"zero day" exploit...?

Matthew_Sullivan · June 9, 2004, 6:17am

In case you haven't seen it...

http://www.computerworld.com.au/index.php?id=117316298&eid=-255

/ Mat

Christopher_L_Morro1 · June 9, 2004, 6:33am

yeah, yet another 'zero-day' (is it really zero-day with this?) IE
hole So again, why would you want to use this? (yes sean, there are
more holes in bind/sendmail/blah-unix-tool than ever in IE/Win*, but the
market base causes the huge scope of the problem, eh?)

oh well, block tcp/80 and tcp/443?

Sean_Donelan · June 9, 2004, 6:39am

The good news is Windows XP Service Pack 2 blocks the attack. The bad
news is XP/SP2 is still in beta. The double-bad news is XP/SP2 is only
for XP; so "legacy" Microsoft users are still out of luck.

Full Disclosure has been discussing the details.

Stephen_J_Wilcox1 · June 9, 2004, 2:02pm

Hmm is this the same as the help file problem recently patched for Safari in Mac
OSX?

Steve