Re: Spybot's DSO Exploit
From: FM (fm_at_ncinternet.com)
Date: Wed, 8 Sep 2004 21:42:13 -0700
Dear "a nonny mouse"
Here is a comment from different forum:
"Actually in my registry the key is a string value and it's left blank. Here
is a quote from the Spybot forum. Note that if you have properly updated and
patched your XP OS this is not an issue any more. The problem was fixed by a
patch ages ago. Get updated and you won't have this problem."
Given that anyone who is properly patched (via Windows Update) is not
vulnerable to this exploit anymore, this is really not a serious issue, so
provided your system is patched, you have nothing to worry about and can
ignore this until the fix comes out.
>From Spybot, here is the quote. "Well, yes and no. You see, there are
reports of this issue here in the Spybot forum, which shows that it is
for a lot of people, so in that sense it's normal - meaning your system is
Basically what's happening is that Spybot is finding that the security
setting for "Download unsigned ActiveX controls" for the (normally) hidden
"My Computer" zone in Internet Explorer is not set to disabled.
My computer is properly patched. However better safe than sorry. Personally,
I got tired of waiting and got a lot more piece of mind by manually fixing