[Chachazz]

Robert Lemos,
SecurityFocus 2005-08-08

Microsoft 's experimental Honeymonkey project has found almost 750 Web pages that attempt to load malicious code onto visitors' computers and detected an attack using a vulnerability that had not been publicly disclosed, the software giant said in a paper released this month.
Click here for Core Impact!

“ In terms of detection capabilities, it's a really elegant hack. The antivirus model -- scan for dangerous patterns -- can't find previously unknown attacks. ... No, the best way to find out if a web page, if executed, would attack the browser is to spawn a browser and let it execute potentially hostile code. ”

Known more formerly as the Strider Honeymonkey Exploit Detection System, the project uses automated Windows XP clients to surf questionable parts of the Web looking for sites that compromise the systems without any user interaction. In the latest experiments, Microsoft has identified 752 specific addresses owned by 287 Web sites that contain programs able to install themselves on a completely unpatched Windows XP system.

More @ Security Focus

[Advertisements]

Yeah, I too read this article on Security Focus. What seems more alarming to me is that there were exploits discovered by this project which were new and unpatched and therefore would be able to install on every single machine it encountered, not just unpatched ones, which IMHO are just asking for trouble!

[Baggyboy]

Yeah, I too read this article on Security Focus. What seems more alarming to me is that there were exploits discovered by this project which were new and unpatched and therefore would be able to install on every single machine it encountered, not just unpatched ones, which IMHO are just asking for trouble!