Re: Items within XP SP2 and Win2003

From: kyle (kyle_at_inetconnection.com)
Date: 09/27/04

  • Next message: Depp, Dennis M.: "RE: Items within XP SP2 and Win2003" 
    To: "Depp, Dennis M." <deppdm@ornl.gov>, focus-ms@securityfocus.com
Date: Mon, 27 Sep 2004 07:03:56 -0500

    I believe the drag and drop error that works with IE and SP2 was a new
    problem. I know there were more, but that was the largest one. (if you are
    not familiar with it, basically a webmaster can code it so by moving the
    mouse on the page, he has the ability to install anything and bypass your
    firewall) And I've seen ways people can get around the "active x install
    protection/download protection" that microsoft has included (a simple string
    tells it you already hit yes)
    I think that if you don't have to upgrade to SP2, don't. Get a real firewall
    (ex: zone alarm, shorewall, or make a hardware one like smoothwall) and keep
    them up to date. They specialize in security, while m$ admitted they wont be
    secure until 2010 (see slashdot for more info on that)

    On Monday 27 September 2004 06:14 am, you wrote:
    > Interesting comment. The arbitrary code exploits you mentioned, are
    > these unique to SP2 or does SP1 fall prey to them as well. I am not
    > aware of any exploits that are unique to SP2. The firewall is not
    > perfect I will admit, but it is a vast improvement over its
    > predecdessor. The current firewall is great for a home machine.
    > However, when you use the wizard to poke holes in the firewall, they
    > seem to be much larger than needed. I think a better analogy for the
    > firewall is a privacy fence, but when you use the wizard to open the
    > firewall, often you are removing several boards when a knot hole would
    > have worked just as well.
    >
    > Denny
    >

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Depp, Dennis M.: "RE: Items within XP SP2 and Win2003"

    Relevant Pages

    • Re: question about clean install after SP2
      ... > After SP2 install my IE was seriously defective. ... You should periodically defragment your hard drives as well as check them ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Browser Adverts????????
      ... With everything in this list and SP2.. ... It contains advice ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Service Pack 2 destroyed my C: drive
      ... > I installed SP2 using the CDROM on an XP Pro system. ... It contains advice ... Windows XP, I suggest you clean up your system first. ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.setup_deployment)
    • Re: What to do??
      ... Just install SP2 ... It contains advice ... > Windows XP, I suggest you clean up your system first. ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.general)
    • Re: What to do??
      ... Just install SP2 ... You should periodically defragment your hard drives as well as check them ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
      (microsoft.public.windowsxp.general)
    • Quantcast