Re: Semi OT: Lockdown tool kills VBA??

From: Rob Hughes (not@this.com)
Date: 02/27/03


From: "Rob Hughes" <not@this.com>
Date: Thu, 27 Feb 2003 19:48:21 GMT


I think maybe everyone is focusing on IIS too much. I don't think Office is
making a request to IIS (and there is nothing in the log to give me that
impression either). It just can't load the VB environment or run a macro.
But that happened after running the Lockdown tool so I was wondering if
anyone had heard of that side-effect from running the lockdown tool before.

Thanks for the reply.

"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:ufQzROp3CHA.2516@TK2MSFTNGP11.phx.gbl...
> Check the URLScan LOG file in %SYSTEMROOT%\System32\inetsrv\urlscan\*.log.
> It will tell you what requests are rejected and why. It is likely that
> URLScan is rejecting requests made by Office that use features that you've
> locked down.
>
> --
> //David
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> //
> "Rob Hughes" <not@this.com> wrote in message
> news:Rjp7a.55595$9i7.4131149@twister.southeast.rr.com...
> I know this is a little off-topic here but I ran the IIS Lockdown tool
> yesterday and now I can't run macros in any Office application. I can't
even
> bring up the VB editor. (I've tryied re-installing Office, no luck.) Has
> anyone heard of a connection between these to before??
>
>
>



Relevant Pages

  • Re: Semi OT: Lockdown tool kills VBA??
    ... and you mention it is not working after urlscan ... > I think maybe everyone is focusing on IIS too much. ... > anyone had heard of that side-effect from running the lockdown tool ... >> It will tell you what requests are rejected and why. ...
    (microsoft.public.inetserver.iis.security)
  • Microsoft Security Advisory MS 03-007
    ... It's likely that most servers that can be patched ... threat to a lot of the servers if you only consider the IIS ... CONFIGURATIONS OF THE IIS LOCKDOWN TOOL DO LEAVE WEBDAV ... WebDAV requests are processed in the httpext.dll. ...
    (Focus-Microsoft)
  • Re: Microsoft Security Advisory MS 03-007
    ... announcement covers IIS 5.1 but not IIS 6, ... > You say "IIS servers are actively being compromised already, ... -- permissions are checked on httpext.dll to see if Anonymous request ... CONFIGURATIONS OF THE IIS LOCKDOWN TOOL DO LEAVE WEBDAV ...
    (Bugtraq)
  • RE: Microsoft Security Advisory MS 03-007
    ... announcement covers IIS 5.1 but not IIS 6, ... > You say "IIS servers are actively being compromised already, ... -- permissions are checked on httpext.dll to see if Anonymous request ... CONFIGURATIONS OF THE IIS LOCKDOWN TOOL DO LEAVE WEBDAV ...
    (Bugtraq)
  • Re: IIS Warm Up Period
    ... With stable web components, IIS will run ... > Is there a way to tell the IIS to start accepting the requests only after ... >> website, though. ... The load time for those settings is about 3 ...
    (microsoft.public.inetserver.iis)