Serious MDAS / Explorer / IIS Flaw Found...
Results 1 to 4 of 4

Thread: Serious MDAS / Explorer / IIS Flaw Found...

  1. #1
    Banned
    Join Date
    Sep 2002
    Posts
    222

    Serious MDAS / Explorer / IIS Flaw Found...

    Foundstone Research Labs has discovered a critical flaw in Microsoft Data Access Components (MDAC) and that could be used to spread viruses and worms similar to what Code Red and Nimda have done in the past. This flaw (Buffer Overrun) in MDAC could allow the execution of code through systems running Microsoft Internet Information Server (IIS) with MDAC or running Microsoft Internet Explorer 5.01, 5.5, or 6.0 on any version of Windows other than XP.

    Microsoft has given the flaw a critical rating and highly suggest that patches be applied to all systems that are subject to the flaw.

    For additional information and to download a patch go to: http://www.microsoft.com/technet/tre...n/MS02-065.asp

  2. #2
    Junior Member
    Join Date
    Jul 2002
    Posts
    24
    I read through MS02-065 and I guess Microsoft has decided to leave W95 out in the cold again. I know they've discontinued support for the o/s but one would think critical security flaws would overlook that particular stance.

    Am I the only one still supporting W95? Does anyone know whether the patch is OK for 95?

  3. #3
    Senior Member
    Join Date
    Oct 2002
    Posts
    112
    We still have some Win95 boxes in our environment and I tested this patch on them today with no ill effects. I would not be afraid to install it on yours.
    If you receive something that says \'Send this to everyone you know,\' pretend you don\'t know me.

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    these are microsoft's own words, maybe their finaly catching on

    http://www.wired.com/news/technology...,56526,00.html

    ******************
    The company also said that to be truly safe, users should remove "Microsoft" from Internet Explorer's Trusted Publisher list.

    (like everybody hasn't already)

    The ActiveX control causing the latest problem was digitally signed by Microsoft. Digital signatures are a promise from a creator of ActiveX controls and other bits of code that the product you are about to run is safe.

    (and we all beleive that....right!)
    ******************
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •