Re: Spybot's DSO Exploit

From: FM (fm_at_ncinternet.com)
Date: 09/09/04 

Date: Wed, 8 Sep 2004 21:42:13 -0700

Dear "a nonny mouse"

Here is a comment from different forum:

"Actually in my registry the key is a string value and it's left blank. Here
is a quote from the Spybot forum. Note that if you have properly updated and
patched your XP OS this is not an issue any more. The problem was fixed by a
patch ages ago. Get updated and you won't have this problem."

Given that anyone who is properly patched (via Windows Update) is not
vulnerable to this exploit anymore, this is really not a serious issue, so
provided your system is patched, you have nothing to worry about and can
just
ignore this until the fix comes out.

>From Spybot, here is the quote. "Well, yes and no. You see, there are
several
reports of this issue here in the Spybot forum, which shows that it is
happening
for a lot of people, so in that sense it's normal - meaning your system is
reacting like
many others.".

Basically what's happening is that Spybot is finding that the security
setting for "Download unsigned ActiveX controls" for the (normally) hidden
"My Computer" zone in Internet Explorer is not set to disabled.

My computer is properly patched. However better safe than sorry. Personally,
I got tired of waiting and got a lot more piece of mind by manually fixing
the problem.

FM

Relevant Pages

  • Re: Guitar pickup output impedance
    ... I don't use Excel much, ... FORTRAN program to do it. ... then *poof* the forum disappeared without warning. ... the string is moving opposite directions on the two bucker poles. ...
    (alt.guitar)
  • Re: where in registry can i change internet options: general & con
    ... please understand that your forum CAN resolve the issue but choose NOT to. ... established - the incompetence of leaving registry open to changes by my IT ... > And keep in mind that if your admin. ...
    (microsoft.public.windowsxp.basics)
  • Re: Convert.FromBase64String() and ViewState
    ... Asp.Net serializes ‘C’ ... into Base64 string. ... if you post in an appropriate forum, ... each character in the deserialized output. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Good registry cleaner?
    ... Here is the forum I found when I had a question about Windows 7 I ... United Kingdom ... Registry Status: clientDeleteProhibited ...
    (microsoft.public.windowsxp.general)
  • Re: Threading on Functions returning values
    ... People like you are very Important for this forum. ... delegate string MyDelegate; ... the delegate returns a value, so too does the Invoke() method. ...
    (microsoft.public.dotnet.framework)