Tuesday, September 21, 2004
Spam uses Drag and Drop vulnerability Posted by Katrin @ 17:42 GMT

A spam message containing link that leads to "click here to remove" page has been distributed largely.

In addition to the fact that it sends the user's email address to the spammers it also points to a web page that asks to scroll it. This page uses Drag and Drop vulnerability in Internet Explorer so when the page is scrolled, the exploit runs a proxy backdoor. Currently it downloads and runs Backdoor.Win32.Agent.ce but since it is controlled by the spammers it could be changed.

<<< New Java Applet Trojan that uses vulnerability in Sun Java Runtime
Greetings from Redmond >>>