|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Microsoft JET/Office Vulnerability Exploit
Ben Greenbaum (beng
SECURITYFOCUS.COM)
Wed, 18 Aug 1999 12:59:35 -0700
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: hexeditPOREIA.COM: "Jet 3.51 Vul / Office 97"
- Previous message: Thomas Biege: "Re: midnight commander vulnerability(?)"
Just a reminder, there are workarounds to solve this.
Cut-n-pasted from the vulnerability listing:
MDAC 2.1 includes the JET 4.0 driver which is not affected by this
vulnerability. It is available for download at:
http://www.microsoft.com/data/download.htm
Also, Wanderley J. Abreu Jr. <stormUNIKEY.COM.BR> has written a
program that will search the registry and modify the EditFlags value for
DocObjects file types, setting the Confirm Open After Download value to
01. this means that these filetypes can no longer be silently downloaded
and opened. This can be downloaded from:
http://www.securityfocus.com/data/vulnerabilities/patches/RegFix.zip
Ben Greenbaum
SecurityFocus
www.securityfocus.com
- Next message: hexeditPOREIA.COM: "Jet 3.51 Vul / Office 97"
- Previous message: Thomas Biege: "Re: midnight commander vulnerability(?)"
This archive was generated by hypermail 2.0b3 on Fri Aug 20 1999 - 07:01:36 CDT