-
February 14th, 2006, 08:53 PM
#1
** HEADS UP** IE vulnerability
Greeting's
vulnerability in Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to error in the timing of drag-and-drop events when certain objects not derived from HTML documents (e.g. files within a folder view) are dragged. This race condition can be exploited to place arbitrary files on a user's system by tricking the user into interacting with a malicious web
Solution is :
Disable Active Scripting support for all but trusted sites.
For more information :
FULL DISCLOSURE
http://archives.neohapsis.com/archiv...6-02/0271.html
To verify above information :
http://secunia.com/advisories/18787/
Microsoft :
http://blogs.technet.com/msrc/archiv...13/419439.aspx
Parth Maniar,
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
-
February 14th, 2006, 10:18 PM
#2
YAIEV
Yet Another Internet Explorer Vulnerability. To be fair, the chances of a user doing what is necessary for the vulnerability to be exploited are fairly low, but nonetheless possible. IE is just a waste of time - even designers are now giving up using CSS hacks to support it.
IE7 better be good (if anything made by M$ can be 'good')
Thank god Dell are now shipping Firefox on their PCs! At least there are some solid, stable browsers in the world...
-
February 14th, 2006, 10:28 PM
#3
Evening peeps,
Just out of interest, what is the best way do leave IE if you do use a different browser instead, because I am aware that you cannot just uninstall IE due to the way it integrates with the operating system.
I personnally have just left it, and disabled it in Zone Alarm. Is that a good way to leave it?
The ever curious Jo??Y Fro?d
Sarcasm is a way of life
-
February 14th, 2006, 11:55 PM
#4
*sigh*
*hugs slackware box*
work it harder, make it better, do it faster, makes us stronger
-
February 15th, 2006, 12:18 AM
#5
J_K9,
“To be fair,” you’re hoisting the Firefox banner next to your snake oil stand. IE not solid, stable and a waste of time? MS can’t make anything good?? Oh my!
No - I’m gonna resist, I’m not going to do it! Let him believe what he wants...lol
ROTFL
JonnyFrond;
You can leave it in that state if you want. No harm. It can be deleted, but a lot less work to just let it be. If you want to scroll through my posts, you’ll find one on deleting IE and setting up another browser in its place. However, you will encounter problems later when patching Windows etc. Obviously it will be looking for IE.
cheers
Connection refused, try again later.
-
February 15th, 2006, 01:17 AM
#6
Originally posted here by Relyt
J_K9,
“To be fair,” you’re hoisting the Firefox banner next to your snake oil stand. IE not solid, stable and a waste of time? MS can’t make anything good?? Oh my!
No - I’m gonna resist, I’m not going to do it! Let him believe what he wants...lol
ROTFL
Are you assuming that because I was referring to there being solid, stable browsers in the world that IE is not one of those? And that M$ can't make anything good, when in fact I meant that all their software's brilliant? You see - it's all in the way you read it....
lmao
-
February 15th, 2006, 08:48 AM
#7
Member
I don't think security advisors will call this vulnerability critical. But it is still 1 for Firefox and 0 for IE.
The access to the computer or
anything else that shows us how the
world works must be total and
unlimited.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|