Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

IE 6.0 Vulnerability...


  • Please log in to reply

#1
ke6ziu

ke6ziu

    Member

  • Member
  • PipPip
  • 30 posts
Hello, all...I'm back.
Anyway, for all of you MS Internet Explorer users, here's another reason why you shouldn't use Internet Explorer. At least the fix for it is easy. Read on!!!

Another MSIE Vulnerability
@ Dec 15 2001, 09:12 (UTC-7)
From: stand__sure :
(© by bugtraq) There is a bug in the Microsoft.XMLHTTP component shipped with Internet Explorer 6 which allows reading and sending local files (exampleexample[/url]).
This component doesn't handle http redirects to local files properly. In order for this exploit to work the file name must be known. The exploit doesn't distinguish between extensions, binary or textual content which may make it a high risk exploit. The bug has been demonstrated on Win98/IE 6 and WinXP/IE 6 and probably exists in previous versions as well. The workaround is to disable active scripting or set it to prompt.

Anyway, here's the fix...
On the menu bar, look for tools, and click on it.
(This is the path: tools\internet options\security)
When you see the tab labeled "security," click on it...
Next, look for the option labeled "Security level for this zone," and click the button marked "custom level." Now, scroll down until you see "scripting." When you see this, you should see "active scripting;" There are 3 options; 1)Disable, 2)Enable, and 3)Prompt. Check 1)Disable, and click ok. This will fix the IE bug, and save your box from some script kiddie from getting root access to your machine(hopefully...).

This is food for thought; whatever you do with it is totally up to you. Information is power! :tazz:
  • 0

Advertisements


#2
Darkmocha

Darkmocha

    Member

  • Member
  • PipPip
  • 36 posts
Windows has a root account now?

Anyway wasn't that vulnerability found like 4 years ago? I'm pretty sure that's been fixed or anyone who has information that needs protecting have the proper firewalls and IE settings.
  • 0

#3
ke6ziu

ke6ziu

    Member

  • Topic Starter
  • Member
  • PipPip
  • 30 posts

Windows has a root account now?

Anyway wasn't that vulnerability found like 4 years ago?  I'm pretty sure that's been fixed or anyone who has information that needs protecting have the proper firewalls and IE settings.

View Post

Yeah, it was, but has M!cr0$0ft done anything about it? They're finally releasing a critical update to correct the problem. But, I've found out the update doesn't stop the problem. So, problem not solved...
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP