[Full-Disclosure] Mystery DNS Changes
Joe Stewart
jstewart at lurhq.com
Thu Oct 2 14:23:46 BST 2003
On Thursday 02 October 2003 08:31 am, Randal, Phil wrote:
> NAI has this as QHosts-1, and says MS03-032 does NOT protect against
> it:
F-Secure named this trojan "Delude" days ago. NAI's QHosts-1 is just a
variant. It is well known that MS0-032 is not 100% effective, so
definately no one should think they are immune to this or any other
hostile object tags just because they have that patch. Everyone running
IE should disable active scripting if they want to avoid these little
surprises.
-Joe
--
Joe Stewart, GCIH
Senior Security Researcher
LURHQ Corporation
http://www.lurhq.com/
Full-Disclosure is hosted and sponsored by Secunia.