Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination
From: AStein (AStein@thealaskaclub.com)
Date: 01/15/03
- Next message: Zain: "Group Policies"
- Previous message: George Hester: "Re: Found another Bug it looks like in Windows 2000"
- In reply to:(deleted message) Pierce Inverarity: "Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination"
- Next in thread: Bill Sanderson: "Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination"
- Reply: Bill Sanderson: "Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "AStein" <AStein@thealaskaclub.com> Date: Wed, 15 Jan 2003 11:11:38 -0800
Finally, someone else has seen this. I though I was the
only one who noticed it.
At first I thought it was a "hush hush" fix for that nasty
update Q328310 that has been causing so many blue screens
on NT 4 workstations. MS still hasn't owned up to that one
yet. I found it strange that the patch was designated as
CRITICAL yet there was no mention of it ANYWHERE on the
internet, including the MS support sites.
My first post to the MS newsgroup NT/Miscellaneous never
showed up and I had about given up hope. If the patch
fixes a flaw, great, I'm all for it! However, I think we
are entitled to know what that flaw was and what was done
to correct it.
>-----Original Message-----
>On Thu, 9 Jan 2003 13:51:15 -0800, "russ"
<rshmerl@itecref.com> wrote:
>
>>Today, critical update service for NT 4.0 has patch
810847
>>listed for MSIE SP2. No information about it is on
>>Microsoft site. What is it?
>
>A coworker suffered an exploit two days ago that, I
believe, is the
>reason for the patch. I've never seen or heard of
anything exactly
>like it, anyway. To quote a message I posted elsewhere:
>
>MSIE was hit by a search-page replacement JS exploit, but
this was
>much more invasive than the norm. I counted about twenty
iterations
>of the alternate (porn) URL in the registry, and the
author of the
>exploit seems to have discovered a way to change the
Internet Options
>control panel applet substantially. The Security and
Advanced tabs
>have been removed entirely and the Home page option in
the General tab
>is greyed out.
>
>McAfee caught at least one of the trojans in execution,
JS/NoClose,
>though it just functioned to hold open the browser while
the security
>zone was set low and other registry changes were made.
>
>Now, I think I found the solution to the disabled "Home
page" option:
>deleting
HKCU|Software|Policies|Microsoft|InternetExplorer|Control
>Panel|Home, but I won't be able to test it until tomorrow.
>
>Anyone else have thoughts or insight on the patch or the
trojan
>combination?
>.
>
- Next message: Zain: "Group Policies"
- Previous message: George Hester: "Re: Found another Bug it looks like in Windows 2000"
- In reply to:(deleted message) Pierce Inverarity: "Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination"
- Next in thread: Bill Sanderson: "Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination"
- Reply: Bill Sanderson: "Re: Patch 810847 for MSIE 5.5 SP2 / New (?) JS trojan combination"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
