lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: R.Ferris at napier.ac.uk (Ferris, Robin)
Subject: FW: Microsoft Security Update 

V

its too easy block macro viruses now though, what with mail gateways and
heuristic scanning etc etc you need to find a way of automating the attack,
keeping the human double click element to a minimum. What I should have
probably done was "propagate anything effectively on a large scale" so some
kiddies and gunna work out how to exploit the macro ones but I havent seen
one of them for ages that was any good.

The little kiddies arent the problem, the problem for admins is the person
ro group that code things like slammer, sobig etc with about 5 to 6 days to
go before the potential release of the nxt sobig Im looking to see what
people think of this specific problem and to see if people think its gunna
be exploited, and I mean exploited big.

but I get your point though on the macro's issue

RF

-----Original Message-----
From: Valdis.Kletnieks@...edu [mailto:Valdis.Kletnieks@...edu]
Sent: 04 September 2003 17:56
To: Ferris, Robin
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] FW: Microsoft Security Update 


On Thu, 04 Sep 2003 09:55:22 BST, "Ferris, Robin" <R.Ferris@...ier.ac.uk>
said:
> There appears to be only one that will get the coderz and the admins
> slightly worried and that is the:
> 
> Title:  	Flaw in Visual Basic for Applications Could Allow 
> 		Arbitrary Code Execution (822715)
> 
> its the only one that could be imho used to propagate anything. 

Umm.. Robin?  How long you been at this?

Word macro viruses used to be all the rage.  They were even so bad a problem
that the Microsoft of many years ago finally admitted there needed to be a
way
to turn off macros....

"Ah'll be bach...." - Ahnold Schwartzemacro....


Powered by blists - more mailing lists