Re: DNS changed...

From: Kent W. England [MVP] (kwe_at_mvps.org)
Date: 10/03/03


Date: Thu, 2 Oct 2003 18:42:59 -0700

That seems to be the case, as reported by
http://vil.nai.com/vil/content/v_100719.htm. You can work around this
vulnerability in a couple of ways:

1) set your personal firewall to disallow mshta.exe from sending TCP
data outbound
2) dissociate .hta files from mshta.exe, using Folder Options control
panel

In either case, you prevent .hta files from being executed/viewed.

-- 
Kent W. England, Microsoft MVP for Windows
"Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> wrote in message
news:ulvWovKiDHA.1872@TK2MSFTNGP10.phx.gbl...
> I'm confused as well.  I suspect what this means is that this is a
> vulnerability described in MS 03-032, but not, in fact, patched by the
> associated patch.  There have been rumors of such since this patch came out,
> acknowledged by MS in revisions of the bulletin, but no new patch has come
> out.
>
> "Mike Beauchamp" <newsgroups@mikebeauchamp.com> wrote in message
> news:blgb4s0kvp@enews1.newsguy.com...
> > You have me a little confused here..  You say that the vulnerability
> > involved is MS03-032, yet the link included in your copy-paste says:
> >
> > NOTE: The MS03-032 patch does not protect against this attack vector. This
> > allows for the automatic execution of VBScript contained in an HTML file
> > (x.hta)
> >
> > Also, when I go to Windows Update, I see no critical updates that I can
> > install. Yet I somehow managed to get this virus..
> >
> > Mike
>
>
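
Added example, not part of the original post: a read-only PowerShell audit that reports whether either of the two workarounds listed in the reply above is in place on the local machine. It assumes Windows 8 / Server 2012 or later with the built-in Windows firewall (the post's "personal firewall" would have been a separate product); the function names Get-DefaultValue and Test-HtaWorkarounds are hypothetical.

```powershell
# Added example: read-only audit, changes nothing on the system.
# Assumption: the NetSecurity cmdlets (Get-NetFirewallRule etc.) are available.

function Get-DefaultValue([string]$KeyPath) {
    # Return the (Default) value of a registry key, or $null if the key is absent.
    $key = Get-Item -LiteralPath "Registry::$KeyPath" -ErrorAction SilentlyContinue
    if ($key) { $key.GetValue('') }
}

function Test-HtaWorkarounds {
    # Workaround 2: is .hta still associated with mshta.exe?
    # A per-user choice, when present, takes precedence over the HKCR mapping.
    $userChoice = 'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hta\UserChoice'
    $ucKey  = Get-Item -LiteralPath "Registry::$userChoice" -ErrorAction SilentlyContinue
    $progId = if ($ucKey) { $ucKey.GetValue('ProgId') }
    if (-not $progId) { $progId = Get-DefaultValue 'HKEY_CLASSES_ROOT\.hta' }

    # Resolve the ProgID to the command that runs when an .hta file is opened.
    $command = if ($progId) { Get-DefaultValue "HKEY_CLASSES_ROOT\$progId\shell\open\command" }
    $opensWithMshta = [bool]($command -match 'mshta\.exe')

    # Workaround 1: is there an enabled outbound block rule scoped to mshta.exe?
    $blockRules = @(Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True -ErrorAction SilentlyContinue |
        Where-Object { ($_ | Get-NetFirewallApplicationFilter).Program -like '*\mshta.exe' })

    [pscustomobject]@{
        HtaProgId          = $progId
        HtaOpenCommand     = $command
        OpensWithMshta     = $opensWithMshta
        OutboundBlockRules = $blockRules.DisplayName
        EitherWorkaround   = (-not $opensWithMshta) -or ($blockRules.Count -gt 0)
    }
}

Test-HtaWorkarounds | Format-List
```

On 64-bit Windows mshta.exe exists under both System32 and SysWOW64, so a firewall rule pinned to one path should be checked against the other as well.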

