Workaround for stopping MS2003-030 exploitation via HTML?

From: Johnson, Jeff FOR:EX (Jeff.S.Johnson_at_GEMS1.GOV.BC.CA)
Date: 07/25/03

    Date:         Fri, 25 Jul 2003 14:31:00 -0700
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    CERT recently issued an advisory about this vulnerability (CA-2003-18,
    http://www.cert.org/advisories/CA-2003-18.html) that said that setting the
    Internet Explorer 'Run ActiveX Controls' security setting to disable in
    appropriate IE security zones would prevent exploitation of this in web
    pages and HTML-format email. This sort of makes sense, since media player
    can be used as an ActiveX control.

    Can anyone confirm that this is really true, though?

    Jeff Johnson
    Technical Development Analyst, MoF IMG
    Jeff.S.Johnson@gems1.gov.bc.ca
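
Added example, not part of the original message: a PowerShell check of how the 'Run ActiveX Controls' setting named in the CERT advisory is currently configured in each IE security zone. It reads registry value 1200 (URLACTION_ACTIVEX_RUN) under the Internet Settings Zones keys; the function name Get-ActiveXRunSetting and the default choice of zones 3 and 4 are assumptions of this example.

```powershell
# Registry value 1200 is URLACTION_ACTIVEX_RUN, the setting shown in the
# IE security dialog as "Run ActiveX controls and plug-ins".
$ActionName = '1200'
$ZoneNames  = @{ 0 = 'My Computer'; 1 = 'Local intranet'; 2 = 'Trusted sites'
                 3 = 'Internet';    4 = 'Restricted sites' }
$Meaning    = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable'
                 65536 = 'Administrator approved' }

# Locations where the per-zone value can be stored (user, machine, policy).
$Suffix = 'Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$Roots  = [ordered]@{
    'User'           = "HKCU:\Software\$Suffix"
    'Machine'        = "HKLM:\Software\$Suffix"
    'User policy'    = "HKCU:\Software\Policies\$Suffix"
    'Machine policy' = "HKLM:\Software\Policies\$Suffix"
}

function Get-ActiveXRunSetting {
    # Default zones (Internet, Restricted sites) are this example's assumption.
    param([int[]]$Zones = @(3, 4))
    foreach ($scope in $Roots.Keys) {
        foreach ($zone in $Zones) {
            $key   = Join-Path $Roots[$scope] "$zone"
            $value = $null
            if (Test-Path $key) {
                $item  = Get-ItemProperty -Path $key -Name $ActionName `
                                          -ErrorAction SilentlyContinue
                if ($item) { $value = $item.$ActionName }
            }
            if ($null -eq $value)                   { $text = 'Not set' }
            elseif ($Meaning.ContainsKey([int]$value)) { $text = $Meaning[[int]$value] }
            else                                    { $text = "Unknown ($value)" }
            [pscustomobject]@{
                Scope    = $scope
                Zone     = $ZoneNames[$zone]
                Setting  = $text
                Disabled = ($value -eq 3)
            }
        }
    }
}

# List every location where a value is present but is not "Disable".
Get-ActiveXRunSetting |
    Where-Object { $_.Setting -ne 'Not set' -and -not $_.Disabled } |
    Format-Table -AutoSize
```

The script only reports the stored values; it does not decide which location takes precedence on a given machine.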
