Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer

From: Bill Weiss (houdini@nmt.edu)
Date: 11/26/01 

Date: Sun, 25 Nov 2001 20:38:29 -0700
From: Bill Weiss <houdini@nmt.edu>
To: vuln-dev@securityfocus.com
Subject: Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer
Message-ID: <20011125203829.A12338@nmt.edu>

Glenn Valenta(glenn@coloradostudios.com)@Fri, Nov 23, 2001 at 05:21:21PM -0700:
> Bill Weiss wrote:
> >
> > Mariusz Mazur(mariusz@isn.pl)@Thu, Nov 22, 2001 at 08:09:46PM +0100:
>
> > >
> > > Is this just me or maybe more people think that releasing this
> > > "advisory" (though this should be called "intimidator") was completely
> > > irresponsible and plain stupid?
> > >
> > >
> >
> > I think the point was to show us that the MS policy is stupid. There's a
> > hole, obviously it can be found, but MS doesn't want us to know about
> > it.
>
> The main facet of the problem is that there is no way to fully disable IE and
> outlook from any MS product. These seem to have been the foundation for most
> all of the trojans and viruses the last few years. Just disabling these
> products would have kept us safe from viruses for the last two years. I'm not
> sure how I'm going to handle this passport crap yet except to ban XP from our
> company.
>

Win98Lite claims to totally take IE out of Windows, and make Windows more stable
as a result. I haven't tested it yet.

As for Outlook (Express), I've been able to take it off my machine. It took a
good deal of registry work, and remembering to redo everything each time I install
a IE patch. It's nice not to worry about worms opening it, though.
 
-- Bill Weiss

Relevant Pages

  • Receiving Viruses every 2nd Day
    ... Every 2nd Day I keep on receiving Different Viruses on my ... email at outlook. ... I am using XP windows (profession) & have a Sygate ...
    (microsoft.public.security.virus)
  • Re: Outlook Express Out of Office Reply
    ... I have also checked for viruses ... and spyware. ... My version of Outlook Express is 6.00.2900.2180 running on ... Windows XP. ...
    (microsoft.public.outlook)
  • Re: Iexplorer cpu usage 97% at startup
    ... If only viruses were the only bad things out there. ... Trojans, spyware, adware and other scumware exists. ... using Windows XP "prettifications". ... You should at least turn on the built in firewall. ...
    (microsoft.public.windowsxp.perform_maintain)
  • Re: Outlook Express Stuck on the Local Folders Page, and will not open
    ... > I have Outlook Express and I am stuck on a page that says Local Folders. ... Turn off email scanning in your antivirus software. ... Windows 2000 and Windows XP. ... Windows XP Service Pack 2 Resources for IT Professionals ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: can not open it ..help me please
    ... >> i ues outlook express but i can not open it any more,i ... You Install SP1 ... Turn off email scanning in your antivirus software. ... >Windows 2000 and Windows XP. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)