by Alex Eckelberry | Sep 25, 2006 | Uncategorized
Juha-Matti Laurio does the hefty lifting, with an extensive FAQ here. Alex Eckelberry
by Alex Eckelberry | Sep 25, 2006 | Uncategorized
VML exploit in a fake ecard:On our test system, the greeting card in question downloaded a number of pieces of executables: is.exe, ie.exe and cpu.exe.One assumes this will be sent via spam, but we have not seen any samples. Credit goes to Roger Thompson over at...
by Alex Eckelberry | Sep 25, 2006 | Uncategorized
The daxtcle.ocx exploit is the “other” zero day exploit, which to our knowledge hasn’t been seen in the wild. However, Adam Thomas in our security research team has just discovered a website with a modified version of the exploit that...
by Alex Eckelberry | Sep 23, 2006 | Uncategorized
Yesterday, I blogged about an ISP, HostGator, that had its servers hacked to spread the VML exploit. More light is shed. HostGator says hackers compromised its servers using a previously unknown security hole in cPanel, the control panel software that is widely...
by Alex Eckelberry | Sep 23, 2006 | Uncategorized
My apologies for the constant stream of posts on the VML exploit. I’m really not trying to spread a unnecessary panic here — and we are not at panic levels on this thing. There’s just a fair amount of data coming out on this thing and this blog...