-
September 29th, 2004, 04:10 PM
#21
It would be entirely possible to force a user to visit a malicious site. It's called a pop-up. We see them all the time.
But you aren't forcing the user to visit the site that initiates the popup thus you can't _force_ the user to visit the infected site. If you have that much control over the initial site that you can make it initiate the popup then why wouldn't you just insert the jpg in the initial site. Your point doesn't seem to make sense..... Am I missing something?
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
September 29th, 2004, 06:35 PM
#22
I was wondering if anyone knew of a tool like GDIScan but did not have to be run locally. I need an enterprise solution. We are running many different versions of office. And you all know that to ask 25,000+ users to run their own GDIScan locally is not a viable option. Even if we did have them run it locally, they would not know what to do from there.
So I guess the bottom line is: Are there any tools out there, like landesk, that will help with the enterprise wide scan?
TIA
Civilization. The death of dreams.
-
September 29th, 2004, 11:55 PM
#23
Microsoft Baseline Security Analyzer V1.2.1 can help you for Windows Patch but it cannot scan Office Remotely!
-
September 30th, 2004, 04:43 AM
#24
Well, I was using baseline to check for the XP SP1 GDI patch. But you are correct, that is not capeable of scanning MS Office. Since that post I have already started using Hfnetchk Pro. Awesome program, everyone working in a large scale network should check it out.
On another note, when and if this ever hits in mass, there are going to be quite a few admins out there caught with their pants down. With so many versions of office out there with different levels of SPs it is quite demanding to patch. But Visio and Project also have seperate patches that are not covered in the Office updates. Ouch...this sucks.
Just to let everyone know, SUS v.2 should be out early next year. It is the long anticipated follow up to v.1 that will support Office updates. Thank god.
I have just one more question, I read on here that XP SP1 is still vuln after applying the patch ( I am almost afraid to ask because the last poor soul got neg'd to death.) and that SP2 is the only way to be completely safe. Is there some article I can reference for this? It can make a big difference in wether we start pushing SP2 from our test group into the AD production groups.
TIA
Civilization. The death of dreams.
-
September 30th, 2004, 08:09 PM
#25
New version of GDIreporter
There is a new version of the GDIPlus Reporting Tool. Fixes are outlined
below:
Version 1.1.3.0 - 09/29/2004
* Fixed - UI problem where "Tabs" pane did not expand vertically
when the form was expanded
Version 1.1.2.0 - 09/29/2004
* Fixed - bug that caused an exception when a "directory path" was
too long (2nd bug of this type)
Version 1.1.1.0 - 09/28/2004
* Added - Right-Mouse (Context) menu to the "Search Paths",
"Execution Status" and "Search Results" output panes
* Fixed - bug that caused an exception when a "directory path" was
too long
Version 1.1.0.0 - 09/22/2004
* Added - Ability to specify a "Machine" name and have all of the
logical drives added to the "Search Paths" as "Administrative Shares"
* Added - Link to web site from the "Help" menu
* Changed - "Search Paths" user interface
* Changed - "Search Paths" information can now be Copied, Printed,
and Saved
* Fixed - bug that caused an exception when a directory that the
user did not have access to was encountered
* Fixed - bug that caused an exception when an attempt to add a
"Search Path" to the list was already in the list
Version 1.0.1.0 - 09/21/2004
* Fixed - bug where search path did not contain a full path (D: rather
than D:\)
Version 1.0.0.0 - 09/16/2004
Initial Release - No revision history
Homepage: http://www.dynicity.com/products/gdireporter.aspx
-Maestr0
\"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|