The vulnerability itself has been known about for a while, but it was only a problem for a denial-of-service attack that would sometimes cause IE to crash. Up until now, no one knew how to mark the code and find it in memory to execute a remote code attack.
More Quotes from Johannes Ullrich:
The obvious thing is to apply patch MS05-051 on at least your Windows 2000, ... We do know the port 3372 scanning started in full force, likely in order to acquire target lists. If you can't patch, at least make sure port 3372 is closed.Johannes Ullrich
We carefully checked this patch and are 100 percent sure that it is not malicious. The patch is, of course, not as carefully tested as an official patch. But we feel it is worth the risk. We know it blocks all exploit attempts we are aware of.
Johannes Ullrich
At this point, Apple does not appear to offer the patches in distinct packages, which will make testing in larger environments tricky.
Johannes Ullrich
We've basically built doors now for 4,000 years and still have burglaries.
Johannes Ullrich
We do suspect that Microsoft will still release an early patch given the imminent danger to its customers from this flaw. As stated by the company about two years ago, patches can be released within two days if needed. Based on prior public commitments, we do suspect that Microsoft will issue the patch early once they are convinced that customers require the use of Internet Explorer in production environments.
Johannes Ullrich
will connect to a control server to ask for instructions. It scans network neighborhoods and tries to infect them, as well.
Johannes Ullrich
Readers Who Like This Quotation Also Like:
Based on Topics: Memory QuotesBased on Keywords: denial-of-service
There are a lot of things I can take, and a few that I can't. What I can't take is when my older brother, who's everything that I want to be, starts losing faith in things. I saw that look in your eyes last night. I don't ever want to see that look in your eyes again.
M. Night Shyamalan
Getting bored is not allowed.
Kay Thompson
Their way of Dancing, is nothing but a sort of stamping Motion, much like the treading upon Founders Bellows.
John Lawson