OLE Automation

jen · 06-10-2008, 01:02 PM

<MerryMav@gmail.com> wrote in message
news:dd5b7e82-3c08-4000-bf71-3f231215a427@l28g2000prd.googlegroups.com...
On Jun 9, 2:38 pm, "jen" <j...@example.com> wrote:
> <Merry...@gmail.com> wrote in message
> news:82b9133a-8382-4c27-910e-a875921f3c7e@i36g2000prf.googlegroups.com...
> On Jun 7, 10:00 am, Merry...@gmail.com wrote:> Can OLE be used in
> conjunction with spyware programs?
> "I asked the above question the other day because OLE keeps popping up
> on my system of late when I navigate from one website to another,
> which it never did before. I realize this is a harmless exe but am
> just asking if there's been an evolution w/it in the last six months
> or so.
> C'mon guys, help assuage this old gal's paranoia...."
Jen replied:
> Not enough info in your post to be able to answer...
> By "OLE" do you perhaps mean Outlook Express by any chance?
> OLE or Ole may refer to:http://en.wikipedia.org/wiki/OLE
"Hi, Jen, thank you for responding. I was referring to the Win32
application, which, everybody has on their systems and which is
normally safe:
http://www.cgoakley.demon.co.uk/prog/oleaut.html
http://en.wikipedia.org/wiki/Object_..._and_Embedding
But, it can be programmed to do other things, from what I understand.
I am an absolute novice, so know little. Just wondered if someone had
come up with a way to use it to hijack browser history."

Well, of course there are OLE exploits

Don't know what you mean by "hijack browser history"...
Here's a recent exploit:
(are you up-to-date on your MS patches?)

More analysis on the MS Jet Exploits camouflaging as Microsoft Word
files
Wednesday March 26, 2008 at 4:27 pm CST

The trojan installation techniques used in this threat are nothing
special and can be seen in other exploit files; however the method to
trick users in this attack, by using non-exploit OLE files as loaders of
other exploit OLE files is something new. As we see from past attacks,
we no longer can rely on file extensions. We should continuously be
careful with all unknown OLE files and not open untrusted email
attachments.
http://www.avertlabs.com/research/bl...ft-word-files/
Take a look here:
http://www.google.com/search?client=...=Google+Search

-jen

Thread: OLE Automation

Thread Tools

Display

Threaded View

Re: OLE Automation

Thread Information

Users Browsing this Thread

Posting Permissions