Several Things about IE bugs: 1st, i coded a stable demo of 1stCleanRc: http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/1stCleanRc-Xp/index.html some anti-Virus firewall tools may detect this exploit as a virus, but most of these tools will fail if the exploit *files* are changed.(malware also suggested this. :-) ) ( more information about this remote compromise is available at: http://www.safecenter.net/UMBRELLAWEBV4/1stCleanRc/index.html ) second, the list of unpatched IE bugs is moved to: http://continue.to/trie OR http://die.leox.com/DirSvc/security/trie/index.html? the latest site-spoofing bug ( http://www.securityfocus.com/archive/1/346948 ) was also added there. the list should be up-to-date, but i could not update my website SAFECENTER.NET/UMBRELLAWEBV4 hosted by BRINKSTER.COM - both web management interface and ftp5.brinkster.com server are unreachable, even thru anonymous proxies. (thanks to http://www.leox.com for providing this host.) third, about the bug at: http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Content.htm again, it doesn't work on all windowz systems, as i already stated at: http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Note.htm long ago. but it did work on the Pull's WIN2K, dror's WINXP, codedreamers' WINXP and my WINXP - all up-to-date. this bug was also found by Codedreamers of http://codewebs.com independently, but i think i got it before he. :-) the demo of this vulnerability is at: http://www.safecenter.net/UMBRELLAWEBV4/threadid10008/threadid10008-Demo/default.asp if a download prompt pops up, the exploit fails; if a new IE window pops up, the exploit works. 4th, i collected several interesting notes, mostly about pivx and ms: http://www.securityfocus.com/archive/1/343544 "Believe me, I am all in for full disclosure and [...]" http://www.pivx.com/larholm/unpatched/ "PivX is continually updating the Unpatched page, albeit internally." ( "albeit" = ----------- Etymology: Middle English, literally, all though it be Date: 14th century : conceding the fact that : even though ----------- from: http://www.m-w.com/cgi-bin/dictionary?book=Dictionary&va=albeit ) http://www.pivx.com/larholm/unpatched/ "Given Microsoft?s recent positive actions together with[...]" http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/default.asp "Currently, Microsoft has no security bulletins to release as part of the monthly release cycle for the month of December" http://die.leox.com/ie_unpatched/ "List the Unpatched IE Vulnerabilities (Content: Key point , essential code and its related comment) There are currently 20 items. " http://www.pivx.com/larholm/unpatched/ "This was done in both a spirit of cooperation and for the good of the Internet as a whole. " ("This" means "we have suspended our ?Unpatched? page") http://www.pivx.com/clients.html "Partial Client List GMAC, BOEING, Microsoft, University of California, [...]" (i got this from jelmer at: http://lists.netsys.com/pipermail/full-disclosure/2003-December/014746.html ;-) ) at last, linux is cool. ;-) but windows is more exciting. :-P i use both. END CALL
