[IP] more on Bofra exploit hits The Register ad serving supplier

To: Ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] more on Bofra exploit hits The Register ad serving supplier
From: David Farber <dave@xxxxxxxxxx>
Date: Wed, 24 Nov 2004 09:44:15 -0500
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx



Begin forwarded message:

From: Ben Edelman <edelman@xxxxxxxxxxxxxxx>
Date: November 23, 2004 6:16:21 PM EST
To: dave@xxxxxxxxxx
Subject: RE: [IP] Bofra exploit hits The Register ad serving supplier

Dave,

For an example of how badly this IFRAME exploit can paralyze acomputer, seethe video I made last week. I show 16+ spyware programs installedwithout asingle notice to the user (nor request for consent from the user).Programsinstalled include software from 180solutions, BargainBuddy, TopMoxie,and

lots more.

  "Who Profits from Security Holes?"
  <http://www.benedelman.org/news/111804-1.html>


Ben


-----Original Message-----

From: owner-ip@xxxxxxxxxxxxxx [mailto:owner-ip@xxxxxxxxxxxxxx] OnBehalf Of

David Farber
Sent: Tuesday, November 23, 2004 5:29 PM
To: Ip
Subject: [IP] Bofra exploit hits The Register ad serving supplier




Begin forwarded message:

From: Monty Solomon <monty@xxxxxxxxxx>
Date: November 23, 2004 9:20:27 AM EST
To: undisclosed-recipient:;
Subject: Bofra exploit hits The Register ad serving supplier

http://www.theregister.co.uk/2004/11/21/register_adserver_attack/


Bofra exploit hits our ad serving supplier
By Team Register
Published Sunday 21st November 2004 16:18 GMT

Important notice

Early on Saturday morning some banner advertising served for TheRegister bythird party ad serving company Falk AG became infected with theBofra/IFrameexploit. The Register suspended ad serving by this company on discoveryof

the problem.

Bofra/IFrame is a currently unpatched exploit which affects Internet

Explorer 6.0 on all Windows platforms bar Windows XP SP2. If you mayhavevisited The Register between 6am and 12.30pm GMT on Saturday, Nov 20usingany Windows platform bar XP SP2 we strongly advise you to check yourmachine

with up to date anti-virus software, to install SP2 if you are running
Windows XP, and to strongly consider running an alternative browser, at
least until Microsoft deals with the issue.

We have asked Falk for an explanation and for further details of the

incident, and pending this we do not intend to restart ad-serving viathe

company. Falk will, we understand, be making a statement regarding the
matter on Monday.

Although the matter was beyond our direct control, we do not regard itasacceptable for any Register reader to be exposed in this way, and wishto

apologise sincerely to anyone who was. Further information about this
particular exploit is available here or here.

http://www.theregister.co.uk/2004/11/04/ie_iframe_vuln/

http://www.theregister.co.uk/2004/11/10/bofra_worm/

-------------------------------------
You are subscribed as edelman@xxxxxxxxxxxxxxx
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at:http://www.interesting-people.org/archives/interesting-people/


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] FT opinion: European Database Directive stifles competition and innovation
Next by Date: [IP] more on Deworming the Internet -- addressing market failure in computer security
Previous by thread: [IP] FT opinion: European Database Directive stifles competition and innovation
Next by thread: [IP] more on Deworming the Internet -- addressing market failure in computer security
Index(es):
- Date
- Thread