Posted 29 August 2007 - 10:04 PM
According to Internet Security Systems: Microsoft Internet Explorer could allow a remote attacker to bypass intrusion detection systems. Internet Explorer ignores NULL characters in HTML documents. A remote attacker could exploit this vulnerability to avoid detection systems and possibly gain unauthorized access to the system.
I get a lot of these alerts from my firewall from google and appsite hosting. They seem like legit sites, and I don't use internet explorer, but does this mean something is seeking access in or out of my system? I'm sure I have no malware and have the suspicious ip's and the whois points to google.com and sprint (sprintlink-dellhost and vericenter sprintlink). I get them when I'm not using google and I don't use anything sprint or vericenter and I get them even when I'm not using the computer. Just wondering if this is a false positive from my firewall, in which case I'll tell it to ignore these things, or whether it is a problem.