[Full-Disclosure] How often are IE security holes exploited?
Blue Boar
BlueBoar at thievco.com
Thu Dec 12 22:50:54 GMT 2002
Richard M. Smith wrote:
> Has anyone ever looked into how often security holes in Internet
> Explorer are actually used in viruses, worms, Trojan horses, and other
> malware? My sense is that very few of them are actually used in the
> wild.
Define "how often". It's either every day, or somewhere around 1 in 30
vulnerabilities. :)
> The KaK and Klez worms both use IE security holes to do their
> dirty work, but most other Windows viruses seem to rely on social
> engineering and standard features of Microsoft products.
>
> If folks know of other malware that make use of IE security holes,
> please let me know. I'm putting together a little list.
Nimda. There must be a few more as well. I still constantly get email
that tries to use various IE exploits, and I don't believe they're all
Nimda, Kak, and Klez.
BB
Full-Disclosure is hosted and sponsored by Secunia.