Re: POS#1 Self-Executing HTML: Internet Explorer 5.5 and 6.0 Part III

From: Art Manion (amanionCERT.ORG)
Date: Fri Nov 07 2003 - 11:22:14 CST


--On Thursday, November 06, 2003 2:02 AM -0700 Kurt Seifried
<kurtseifried.org> wrote:

>> In our never-ending quest for entertainment, we commence from
>> this date forward to end-2004 our POS series of findings. That
>> is the 'perfect operating system'. Today we debut and regurgitate
>> new and not so new for fun as follows. A warm up for the New Year if
>> you will !:
>
> This is easy to avoid. Just set the kill bit for the affected Active
> component, Adodb.Stream for which the CLSID is
> 4B106874-DD36-11D0-8B44-00A024DD9EFF.

{4B106874-DD36-11D0-8B44-00A024DD9EFF} is the Local Troubleshooter control.

The ADODB.Stream control, an important part of several current IE exploits,
is {00000566-0000-0010-8000-00AA006D2EA4}.

MS KB article about the kill bit:

  <http://support.microsoft.com/support/kb/articles/q240/7/97.asp>

Disable Active scripting for untrusted sites.

  - Art
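
An added example, not part of the message above: a PowerShell sketch that audits and sets the kill bit for the ADODB.Stream CLSID given in the reply. It assumes the registry location and the 0x400 `Compatibility Flags` value described in the Microsoft kill-bit KB article, an elevated session, and hypothetical function names `Get-KillBitState` and `Set-KillBit`.

```powershell
# Added example: audit and set the Internet Explorer kill bit for one CLSID.
# The kill bit is bit 0x400 of the "Compatibility Flags" DWORD under
#   HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}
$KillBit = 0x400
$Clsid   = '{00000566-0000-0010-8000-00AA006D2EA4}'   # ADODB.Stream, per the reply
$ValueName = 'Compatibility Flags'

# Native view plus the 32-bit view used by 32-bit IE on 64-bit Windows.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path -LiteralPath $_ }

function Get-KillBitState {            # hypothetical helper name
    param([string]$Root, [string]$Clsid)
    $key   = Join-Path $Root $Clsid
    $flags = 0
    if (Test-Path -LiteralPath $key) {
        $prop = Get-ItemProperty -LiteralPath $key -Name $ValueName -ErrorAction SilentlyContinue
        if ($prop) { $flags = $prop.$ValueName }
    }
    [pscustomobject]@{
        Key     = $key
        Flags   = '0x{0:X8}' -f $flags
        KillBit = [bool]($flags -band $KillBit)
    }
}

function Set-KillBit {                 # hypothetical helper name
    param([string]$Root, [string]$Clsid)
    $key = Join-Path $Root $Clsid
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
    $current = 0
    $prop = Get-ItemProperty -LiteralPath $key -Name $ValueName -ErrorAction SilentlyContinue
    if ($prop) { $current = $prop.$ValueName }
    # OR the bit in so any other compatibility flags already set are preserved.
    Set-ItemProperty -LiteralPath $key -Name $ValueName -Value ($current -bor $KillBit) -Type DWord
}

foreach ($root in $Roots) {
    $state = Get-KillBitState -Root $root -Clsid $Clsid
    if (-not $state.KillBit) {
        Set-KillBit -Root $root -Clsid $Clsid
        $state = Get-KillBitState -Root $root -Clsid $Clsid
    }
    $state   # emit the verified state for each registry view
}
```

Checking both registry views matters because a kill bit set only in the native view does not cover a 32-bit browser process on 64-bit Windows.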
