Hello, Nothing to add again, just a trivial IE crash. http://www.sztolnia.pl/hack/TrivialIECrash2/TrivialIECrash2.html I checked the net and haven't found any other sysmon.ocx vulnerability, except this one http://www.ussrback.com/labs57.html but this one uses different CLSID. Thx to Richard Moore who pointed out my rediscovery in my last post. Best Regards Adam Blaszczyk reverser, coder, writer & researcher [VX/AV] http://www.symantec.com (Localization Engineer) http://www.mykakee.com (Home page) Whatever I say in this e-mail is my private opinion.
