Re: Admin.dll (strings ./Admin.dll)

From: Gary Flynn (flynngn@jmu.edu)
Date: 09/19/01

• Previous message: Ray Simard: "Re: New Worm"
• In reply to: Robert D.: "Re: Admin.dll (strings ./Admin.dll)"
• Next in thread: Gary Flynn: "Re: Admin.dll (strings ./Admin.dll)"
• Next in thread: TJ Jablonowski: "Re: Admin.dll (strings ./Admin.dll)"
• Next in thread: Isherwood Jeff C Contr AFRL/IFOSS: "RE: Admin.dll (strings ./Admin.dll)"
• Reply: Gary Flynn: "Re: Admin.dll (strings ./Admin.dll)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Message-ID: <3BA7CC57.8257965E@jmu.edu>
Date: Tue, 18 Sep 2001 18:36:07 -0400
From: Gary Flynn <flynngn@jmu.edu>
To: "Robert D." <xkill@dingoblue.net.au>
Subject: Re: Admin.dll (strings ./Admin.dll)

"Robert D." wrote:
>
>
> I'm I correct assuming this is the same problem discussed in MS00-043?

I think its MS01-033.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-033.asp

That is probably for the better though. As I understand it,
the MS00-043 defect would trigger as soon as Outlook was started
and it read the mail headers. :(

> In that case the following configurations are safe:
>
> IE 5.01 SP1 or later
> IE 5.5 or later ( except Windows 2000, sp1 safe?? )

If its MS01-033, they're not :)

Worse, only 5.01sp1 and 5.5sp1 have patches available for
them. That means the Windows Update Site doesn't help.
I just went there with 5.50.4134.0600IS and it didn't tell
me I needed the patch.

You haven't lived until you've tried to talk a Windows 95
user with IE3 through the update process. :(

http://www.jmu.edu/computing/info-security/engineering/issues/iemime.shtml

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University
Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe

---

• Previous message: Ray Simard: "Re: New Worm"
• In reply to: Robert D.: "Re: Admin.dll (strings ./Admin.dll)"
• Next in thread: Gary Flynn: "Re: Admin.dll (strings ./Admin.dll)"
• Next in thread: TJ Jablonowski: "Re: Admin.dll (strings ./Admin.dll)"
• Next in thread: Isherwood Jeff C Contr AFRL/IFOSS: "RE: Admin.dll (strings ./Admin.dll)"
• Reply: Gary Flynn: "Re: Admin.dll (strings ./Admin.dll)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Admin.dll (strings ./Admin.dll) ... Subject: Admin.dll (strings ./Admin.dll) ... "Robert D." ... > I'm I correct assuming this is the same problem discussed in MS00-043? ... That means the Windows Update Site doesn't help. ... (Incidents) Re: Admin.dll (strings ./Admin.dll) ... Subject: Admin.dll (strings ./Admin.dll) ... >> I'm I correct assuming this is the same problem discussed in MS00-043? ... Arghh. ... That means the Windows Update Site doesn't help. ... (Incidents) Re: Admin.dll (strings ./Admin.dll) ... Subject: Admin.dll (strings ./Admin.dll) ... >> I'm I correct assuming this is the same problem discussed in MS00-043? ... Arghh. ... That means the Windows Update Site doesn't help. ... (Vuln-Dev)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > vuln-dev  > 2001-09