Re: IE 5.0 allows executing programs

David LeBlanc (dleblancMINDSPRING.COM)
Mon, 23 Aug 1999 10:08:07 -0700

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
• Previous message: Aleph One: "Microsoft Security Bulletin (MS99-031)"
• Next in thread: Jesper M. Johansson: "Re: IE 5.0 allows executing programs"
• Next in thread: Andrej Todosic: "Re: IE 5.0 allows executing programs"
• Reply: Jesper M. Johansson: "Re: IE 5.0 allows executing programs"
• Reply: Paul Schmehl: "Re: IE 5.0 allows executing programs"

At 07:17 PM 8/21/99 +0300, Georgi Guninski wrote:

>Workaround:
>Disable Active Scripting
>or
>Disable Run ActiveX Controls and plug-ins

Actually, the setting that goes right to the heart of this one is "Script
ActiveX Controls Marked Safe For Scripting". Default for "Internet Zone"
is Enable. It is probably safest to set it to either disable or prompt. I
personally would tend to prefer prompt, because it then lets you see who is
trying to do what. If someone is trying to do rude things to my system, I
generally want to know about it. Disabling all ActiveX controls is
probably overkill, as the ones that aren't marked safe for scripting can't
be caused to do things remotely.

On some sites, you'll find that you may want this to function, and I'd
consider adding them to the "trusted sites" zone.

David LeBlanc
dleblancmindspring.com

• Next message: Bob Todd: "Re: Vulnerability in Solaris 2.6. rpc.statd ?"
• Previous message: Aleph One: "Microsoft Security Bulletin (MS99-031)"
• Next in thread: Jesper M. Johansson: "Re: IE 5.0 allows executing programs"
• Next in thread: Andrej Todosic: "Re: IE 5.0 allows executing programs"
• Reply: Jesper M. Johansson: "Re: IE 5.0 allows executing programs"
• Reply: Paul Schmehl: "Re: IE 5.0 allows executing programs"

This archive was generated by hypermail 2.0b3 on Fri Aug 27 1999 - 22:15:15 CDT