|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: IE Domain Confusion Vulnerability doesn't matter much
From: Richard M. Smith (rms2000
BELLATLANTIC.NET)Date: Mon May 15 2000 - 07:12:39 CDT
- Next message: Howard M. Kash III: "Vulnerability in CGI counter 4.0.7 by George Burgyan"
- Previous message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Cisco IOS HTTP Server Vulnerability"
- In reply to: Marc Slemko: "Re: IE Domain Confusion Vulnerability doesn't matter much"
- Reply: Richard M. Smith: "Re: IE Domain Confusion Vulnerability doesn't matter much"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Marc,
> That is why you are supposed to configure outlook to use a restricted
> security zone for reading mail that doesn't allow any "active scripting
> languages", etc.
Actually the Restricted Sites Zone still has Active Scripting
turned on. This zone only disables ActiveX controls and
Java applets by default. To make Outlook and Outlook Express
safe from IE security holes requires Active Scripting
to be turned off manually.
I put instructions on my Web site last summer that goes
through the entire procedure:
http://www.tiac.net/users/smiths/acctroj/oe.htm
Richard
- Next message: Howard M. Kash III: "Vulnerability in CGI counter 4.0.7 by George Burgyan"
- Previous message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Cisco IOS HTTP Server Vulnerability"
- In reply to: Marc Slemko: "Re: IE Domain Confusion Vulnerability doesn't matter much"
- Reply: Richard M. Smith: "Re: IE Domain Confusion Vulnerability doesn't matter much"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]