用于攻击Google的代码现在公开了，欢迎测试

coredump · 发表于 19-1-2010 14:55:37

马上注册，结交更多好友，享用更多功能，让你轻松玩转社区。

您需要登录才可以下载或查看，没有帐号？FreeOZ用户注册

x

上个月用于攻击Google等公司的IE攻击代码于1月14日递交到恶意程序分析网站Wepawet。攻击主要依赖于运行在Windows XP上的Internet Explorer 6，但经过修改它也可能适用于IE7等较新版本的IE浏览器。当被攻击者点击了恶意网页后，攻击者能使用该代码在受害者的机器上运行未许可的软件。微软已就这一漏洞发布了安全通知，它的例行安全补丁发布定在2月9日，但鉴于情况紧急，软件巨人也可能会提前发布修复补丁。安全研究人员指出，Windows Vista或Windows 7上利用这一漏洞难度更大，但不是没有可能。德国联邦信息安全办公室甚至建议用户使用非IE浏览器。

yuba · 发表于 19-1-2010 15:14:52

Google还在用XP+IE6？

coredump · 发表于 19-1-2010 15:23:34

XP + IE6的组合在很多企业里还是应用极广的，而且只要成功攻击局域网内的一个，就行了，后面就是远程下载代码干正事了。而且XP+IE6只是“主要”受影响的组合，微软的补丁说：

Internet Explorer 6 Service Pack 1 on Microsoft Windows 2000 Service Pack 4
Internet Explorer 6 for Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
Internet Explorer 6 for Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
Internet Explorer 7 for Windows XP Service Pack 2 and Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
Internet Explorer 7 for Windows Server 2003 Service Pack 2, Windows Server 2003 with SP2 for Itanium-based Systems, and Windows Server 2003 x64 Edition Service Pack 2
Internet Explorer 7 in Windows Vista, Windows Vista Service Pack 1, Windows Vista Service Pack 2, Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Internet Explorer 7 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 7 in Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Internet Explorer 7 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Internet Explorer 8 for Windows XP Service Pack 2, Windows XP Service Pack 3, and Windows XP Professional x64 Edition Service Pack 2
Internet Explorer 8 for Windows Server 2003 Service Pack 2, and Windows Server 2003 x64 Edition Service Pack 2
Internet Explorer 8 in Windows Vista, Windows Vista Service Pack 1, Windows Vista Service Pack 2, Windows Vista x64 Edition, Windows Vista x64 Edition Service Pack 1, and Windows Vista x64 Edition Service Pack 2
Internet Explorer 8 in Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Internet Explorer 8 in Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2
Internet Explorer 8 in Windows 7 for 32-bit Systems
Internet Explorer 8 in Windows 7 for x64-based Systems
Internet Explorer 8 in Windows Server 2008 R2 for x64-based Systems
Internet Explorer 8 in Windows Server 2008 R2 for Itanium-based Systems

差不多一网打尽了

laowantong · 发表于 20-1-2010 15:05:51

haha, 俺就是XPSP3 + IE6.0的组合

懒得更新..

哪里有恶意网站? 也过过攻击谷歌的瘾

		自动登录	找回密码
密码			FreeOZ用户注册

FreeOZ

[新技术交流] 用于攻击Google的代码现在公开了，欢迎测试

马上注册，结交更多好友，享用更多功能，让你轻松玩转社区。

回复 #2 yuba 的帖子