Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-disclosure] ZERT patch [was: 0day for IE (Disabling Javascript

from [Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]] Network Security [Permanent Link]
Subject: Re: [Full-disclosure] ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)]
Date: Mon, 25 Sep 2006 09:54:25 -0700 
Jesper's Blog : More options on protecting against recent IE 
vulnerabilities on a domain:
http://msinfluentials.com/blogs/jesper/archive/2006/09/22/More-options-on-protecting-against-the-VML-vulnerability-on-a-domain.aspx

I like that option better.  Leaves me supported and honestly I've not 
seen anything that I'm running that's used VML or freaked since I've 
done that?

Gadi Evron wrote:

On Sun, 24 Sep 2006, Bill Stout wrote:
  

http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-be
ing.html 
"This exploit can be mitigated by turning off Javascripting. 

Update: Turning off Javascripting is no longer a valid mitigation. A
valid mitigation is unregistering the VML dll. "
    


There is, of course, the ZERT (Zeroday Emergency Response Team) patch,
available to those who choose to use it.
Along with source code, testing methodology, etc.

Naturally a vendor patch is BETTER, this is merely an alternative that can
be used, right now, by those who choose to do so.

http://www.eweek.com/article2/0,1895,2019162,00.asp
http://isotf.org/zert/

Richard wrote an interesting blog entry on it:
http://taosecurity.blogspot.com/2006/09/zert-evolution.html

  

Bill Stout
    


      Gadi.


  


-- 
Letting your vendors set your risk analysis these days?  
http://www.threatcode.com

If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will 
hunt you down...
http://blogs.technet.com/sbs

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Full-disclosure] Could InfoSec be Worse than Death?, Paul Schmehl
Next by Date:  Re: [Full-disclosure] ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)], Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Previous by Thread:  [Full-disclosure] ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)], Gadi Evron
Next by Thread:  Re: [Full-disclosure] ZERT patch [was: 0day for IE (Disabling Javascript no longer a fix)], Gadi Evron
Indexes:  [Date] [Thread] [Top] [All Lists]