Jump to content

[Misc] | How vulnerable is your OS?


suryad

Recommended Posts

http://www.computerterrorism.com/research/ie/poc.htm

Use IE and FF to try it. Here is a link to the Proof of Concept [computerterrorism.com] page, which will launch an instance of calc.exe if you're vulnerable. I found out I am vulnerable...

A lot of people disagree with my assessment of MS's security issues.....but this proves my point once and for all. There are lots and lots of holes and known holes at that in the OS. Shouldnt MS be takng a better stance on security? Lets hope Vista is not prey to this attack!! On that note if anyone has Vista it would be great if you could give it a whirl. X64 users also please attempt and post your results.

I didnt know where else to put this post so I put it in this forum. Give it a whirl people!

Link to comment
Share on other sites


Like Jeremy, here in Opera, it opened a window called CT... and then Trend Micro went nuts. :P

In IE, the page wouldn't even load, since Trend Micro caught something nasty. (a .jar file - understandable that it's Javascript)

The page loads in Firefox, and when I go to run it... a second Window appears and then Firefox freezes.

Link to comment
Share on other sites

XP SP2 fully patched - Internet Explorer crashed when running the code, but no calculator. Also, Trend A/V went nuts (which likely is what caused IE to crash).

I know we like to knock Microsoft about security vulnerabilities, but Windows (and thus, IE) is a quite complex basket of code. I think it's a little disingenous when a security firm finds an exploit, and rather than let the vendor know beforehand post the exploit to the wild. Instead of contacting Microsoft and giving them time to fix the exploit, let's make everyone unsafe by releasing the exploit to all of the script kiddies of the world. Yes, IE is vulnerable - but are we less or more safe now that this "security firm" released the exploit code to the wild before letting the vendor know of the problem?

Link to comment
Share on other sites

i have give it a try too with opera 8.51 and XP SP2 with all hotfixes. kaspersky immediality popups with a warning and question to remove it or keep it. nothing happened further.

edit: tryed with IE6 and the same popup from kaspersky too. i dont use FF so i cant test that but i believe kaspersky defents it too..

Edited by SolidasRock
Link to comment
Share on other sites

Windows XP MCE 2005 no hotfixes. I clicked OK on the prompt a few times and when I decided to move it around on the screen, BAM! IE crash.

*clicks don't send*

Ok now Dr. Watson crashed and sat in the background along with IE until I decided to kill it.

o_O

Edited by Daemonforce
Link to comment
Share on other sites

That was fun. XP Pro SP2, hotfixes, nlited, no AV, ZoneAlarm, FF. Kablam! Locked FF up nice and tight. Two things I noticed when I went to the sight: (1) My monitor flickered when I went to the sight, (2) a Firefox 'about:' window had also opened with nothing in it after clicking the appropriate link.

DL

Link to comment
Share on other sites

i have give it a try too with opera 8.51 and XP SP2 with all hotfixes. kaspersky immediality popups with a warning and question to remove it or keep it. nothing happened further.

edit: tryed with IE6 and the same popup from kaspersky too. i dont use FF so i cant test that but i believe kaspersky defents it too..

i have tryed the test again with kaspersky disabled, opera 8.51 still do nothing. IE6 freeze up and nothing more...

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...