Qwik-Fix Pro is not a spyware killer but it is enterprise level and do protect against all of the browser based vulnerabilities (among others) that are being used to forcefully install spyware. It is a perfect combo together with a spyware killer such as The Cleaner from Moosoft (http://www.moosoft.com/) or Lavasoft Ad-Aware (http://www.lavasoftusa.com/).
The protection against IE vulnerabilities was implemented in September 2003 and has since protected against all command execution vulnerabilities discovered since then without a need for updates. These very improvements to IE were subsequently included by Microsoft in Windows XP Service Pack 2, though the implementation Microsoft choose failed to protect against several vulnerabilities discovered since then such as the Drag'n'Drop vulnerability which Qwik-Fix Pro protected against.
As Tom pointed out, it is amusing that this is posted now as a "worm article" instead of as an "example exploit" when we originally posted our bulletin on February 8th.
What is even more amusing is how the media, including Slashdot, seem to have misunderstood the bulletin entirely. This is not a flaw in MSN Messenger, this is a flaw in Internet Explorer - called crossdomain scripting.
Using MSN Messenger for our example was - just that, an example. We could as easily have used a.NET application and thus miscredited that Microsoft product instead.
Another amusing aspect is how people tie this together with the "privacy disclosure" vulnerability found last week in MSN Messenger. These are 2 completely different things. The "privacy disclosure" gives a malicious programmer the names (and possibly email adresses) of the user and his friends.
This vulnerability allows you to hijack the users MSN Messenger - the application itself !
This is why you can send messages through it, as you can do anything with the application that a normal enduser would be able to - including, but not limited to, sending messages, emails and files and co-starting appplications on the users machine (yes, this allows you to remote control a users entire Windows machine !).
Now, that should have cleared up a few things.
With regards to the latest "superpatch", Microsoft claims that it "eliminates all known security vulnerabilities affecting Internet Explorer 5.01, 5.5 and 6.0.".
It is still very much possible for a malicious programmer to read a users local files and execute arbitrary commands - even when you are fully patched !
Slashdot Mirror
http://pivx.com/qwikfix/
Qwik-Fix Pro is not a spyware killer but it is enterprise level and do protect against all of the browser based vulnerabilities (among others) that are being used to forcefully install spyware. It is a perfect combo together with a spyware killer such as The Cleaner from Moosoft (http://www.moosoft.com/) or Lavasoft Ad-Aware (http://www.lavasoftusa.com/).
The protection against IE vulnerabilities was implemented in September 2003 and has since protected against all command execution vulnerabilities discovered since then without a need for updates. These very improvements to IE were subsequently included by Microsoft in Windows XP Service Pack 2, though the implementation Microsoft choose failed to protect against several vulnerabilities discovered since then such as the Drag'n'Drop vulnerability which Qwik-Fix Pro protected against.
What is even more amusing is how the media, including Slashdot, seem to have misunderstood the bulletin entirely. This is not a flaw in MSN Messenger, this is a flaw in Internet Explorer - called crossdomain scripting. .NET application and thus miscredited that Microsoft product instead.
Using MSN Messenger for our example was - just that, an example. We could as easily have used a
Another amusing aspect is how people tie this together with the "privacy disclosure" vulnerability found last week in MSN Messenger. These are 2 completely different things. The "privacy disclosure" gives a malicious programmer the names (and possibly email adresses) of the user and his friends.
This vulnerability allows you to hijack the users MSN Messenger - the application itself ! This is why you can send messages through it, as you can do anything with the application that a normal enduser would be able to - including, but not limited to, sending messages, emails and files and co-starting appplications on the users machine (yes, this allows you to remote control a users entire Windows machine !).
Now, that should have cleared up a few things.
With regards to the latest "superpatch", Microsoft claims that it "eliminates all known security vulnerabilities affecting Internet Explorer 5.01, 5.5 and 6.0.".
As you can see on our vulnerability highlight page, this is not true.
It is still very much possible for a malicious programmer to read a users local files and execute arbitrary commands - even when you are fully patched !