*Advice* Using IE
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: *Advice* Using IE

  1. #1

    *Advice* Using IE

    With the new (unpatched) IE bugs I thought I might point out the following bugtraq post by Thor Larholm of PivX.
    (I am aware that many AO members read bugtraq themselves, I still want to point it out for those who don't)
    Thor Larholm is a senior security researcher at PivX Solutions.
    Excerpt from post
    When I attended the NTBugtraq Retreat earlier this year, most of the
    attendees were surprised to hear that I am using Internet Explorer on a
    daily basis, particularly since I should know how vulnerable it can be
    at any given time. I surf with JavaScript and ActiveX enabled, see flash
    movies and play Java games, but despite this I am not vulnerable [0] to
    a single command execution vulnerability or system compromise through
    Internet Explorer.
    Read the whole article and find out why he is not vulnarable ()
    Comments on 5 IE vulnerabilities

  2. #2
    Senior Member
    Join Date
    Aug 2003
    It's an advertisement....

  3. #3
    Junior Member
    Join Date
    Nov 2003
    ^ hehe, i'd tend to agree

    *hugs my mozilla firebird build*

  4. #4
    Macht Nicht Aus moxnix's Avatar
    Join Date
    May 2002
    Huson Mt.
    Good call groovicus. It seems to me to push that application and promote the group (web site) he is a part of, and to give little or no useful information.
    \"Life should NOT be a journey to the grave with the intention of arriving safely in an attractive and well preserved body, but rather to skid in sideways, Champagne in one hand - strawberries in the other, body thoroughly used up, totally worn out and screaming WOO HOO - What a Ride!\"
    Author Unknown

  5. #5
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Well, well well,

    I have to click on open now?......................I don't think so

    I have downloaded the file.....maybe have a look at what it is up to, tomorrow.

    I have a feeling that this might be worse than it looks? if I want to test a product, I expect to be able to download it, sort my system out and then install it......there is very little I would accept as a straight install off the net

    Hell it isn't Micro$oft or your AV/firewall supplier is it?

    I think that I will just go back to trolling prOn sites it might be safer?

    Cheers, good calls all round IMHO

  6. #6
    It's an advertisement....
    FYI, Thor Larholm is the one that maintained the Unpatched Internet Explorer Bugs,
    It was on the PivX site. (http://www.pivx.com/larholm/unpatched/) but no longetr maintained.
    There are some people that have continued it but I have no URL at hand.
    Dig the bugtraq archives, its there somewhere
    The article I linked to was a bugtraq post about how to lock down your IE and still be able to view active content, flash etc.
    This is done by locking down the local computer zone (which cannot be done by the normal 'zones' setting', but has to be done trough registry hacks)
    It also links you to the microsoft site with the appropriate information.
    Good call groovicus. It seems to me to push that application and promote the group (web site) he is a part of, and to give little or no useful information.
    I thought this was a security-site, if you never heard of PivX (http://www.pivx.com) you obviously have not been around

  7. #7
    Senior Member
    Join Date
    Aug 2003
    It said simply that you could secure your browser by locking down your local computer zone, it doesn't say how... and the first link afterwards is for software...and it wouldn't be the first thing I have gotten from Bugtraq that was spam...

    I know how to build houses, so I tell you that you need lumber, and nails, and a few other things. But that's not telling you how to build a house. You have to buy my book....

  8. #8
    It also links to the micosoft site that does explain how to lock it down.
    NOTE: My Computer does not appear in the Zone box on the Security tab.

    Each of these keys contains the following DWORD values that represent corresponding settings on the custom Security tab:

    NOTE: Unless stated otherwise, each DWORD value is equal to zero, one, or three. A setting of zero typically sets a specific action as being permitted, a setting of one causes a prompt to appear, and a setting of three prohibits the specific action.

    Value Setting
    1001 Download signed ActiveX controls
    1004 Download unsigned ActiveX controls
    1200 Run ActiveX controls and plug-ins
    1201 Initialize and script ActiveX controls not marked as safe
    1206 Scripting of WebOC
    1400 Active scripting
    1402 Scripting of Java applets
    1405 Script ActiveX controls marked as safe for scripting
    1406 Access data sources across domains
    1407 Allow paste operations via script
    1601 Submit non-encrypted form data
    1604 Font download
    1605 Unknown
    1606 User Data persistence
    1607 Navigate sub-frames across different domains
    1608 Allow META REFRESH *
    1609 Display mixed content *
    1800 Installation of desktop items
    1802 Drag and drop or copy and paste of files
    1803 File Download
    1804 Launching programs and files in an IFRAME
    1805 Unknown
    1806 Launching applications and unsafe files
    1A00 Logon
    1A02 Allow persistent cookies that are stored on your computer
    1A03 Allow per-session cookies (not stored)
    1A04 Don't prompt for client certificate selection when no
    certificates or only one certificate exists *
    1A05 Allow 3rd party persistent cookies *
    1A06 Allow 3rd party session cookies *
    1A10 Privacy Settings *
    1E05 Software channel permissions
    1C00 Java permissions
    {AEBA21FA-782A-4A90-978D-B72164C80120} First Party Cookie *
    {A8A88C49-5EB2-4990-A1A2-0876022C854F} Third Party Cookie *

    * indicates an Internet Explorer 6 or later setting

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    In my opinion any software that requires you to open directly from the net and install requires you to click cancel, if you have a brain.

    NOT PROFESSIONAL...............period!!!!!!!!!! sorry ................................................ [NOT!]

    Why should I even bother to make Microsoft stuff work...................just delete/uninstall and use Opera or whatever.

    As for promiscuous browsing......well if he is happy...good luck to him...he will get that which arrogance desrerves

    I guess I might even e-mail Macrohard's technical support for an opinion?

    I really love these Ali1 types don't you all?


  10. #10
    Thor Larholm has worked with MicroSoft in at least one patch for IE (I really am surprised you never heard of him)

    Microsoft thanks David Litchfield of Next Generation Security Software Ltd. and Thor Larholm, Security Researcher, PivX Solutions, LLC (http://www.pivx.com) for reporting the Buffer Overrun in HTML Help ActiveX Control to us and working with us to protect customers.
    Perhaps that is where the
    It's an advertisement....
    steps back in to the discussion
    But I dont feel the post is an advertisment to the QwikFix, it has two more links in it.
    It gives you enough information to do it by hand.
    I agree that you should prevent installing software from untrusted company.

    Why should I even bother to make Microsoft stuff work
    Unless you pWn a pirated version, you paid enough for it to use it.

    just delete/uninstall and use Opera or whatever.
    That is a quick and dirty way of dealing with a problem

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts