Re: MSIE exploit

From: Chris Jackson (chrisj_at_mvps.org)
Date: 08/29/03

Next message: Bill Sanderson: "Re: anything to worry about??..."
Previous message: Del Capslock: "Re: eliminagte pop ups"
In reply to: Jonathan Roy: "MSIE exploit"
Next in thread: Bill Sanderson: "Re: MSIE exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 29 Aug 2003 11:55:04 -0400

You have to give your browser explicit permission to install an ActiveX
control, unless you lower your security settings too low. Go to internet
options, head to the security tab, and bump them up if they are too low -
and never say yes to an ActiveX control installation unless you are sure
that you trust it. ActiveX controls provide some useful functionality
(allowing you to view PDF files in the browser, see Windows Media or
QuickTime movies in the browser, watch Flash animations, and so forth) but
the downside is that it IS executable code running on your machine, so you
can't trust it all.

-- 
Chris Jackson
Software Engineer
Microsoft MVP - Windows XP
Windows XP Associate Expert
-- 
"Jonathan Roy" <roy@idle.com> wrote in message
news:0ca001c36e2c$06472c90$a301280a@phx.gbl...
> Hi there. I recently went to this address by mistake:
>
> http:
> //211.217.224.102
> :4901
>
> I split it into three lines so someone doesn't load it by
> accident. I used active x to make a file on my computer,
> execute it, and then who knows what the computer was doing
> after that point. I managed to control-alt-delete and kill
> the msdos window and the other things it had opened
> quickly.
>
> I'm not sure if this is something preventable by a patch
> but I wouldn't think a web page should be able to create
> executable files and execute them.
>
> -Jonathan
>

Next message: Bill Sanderson: "Re: anything to worry about??..."
Previous message: Del Capslock: "Re: eliminagte pop ups"
In reply to: Jonathan Roy: "MSIE exploit"
Next in thread: Bill Sanderson: "Re: MSIE exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Trouble embedding ActiveX object in HTML using object tag
... > I am trying to embed an ActiveX control that handles barcode scanner ... favorites had to be enabled if you wanted the browser to use them. ... wording seems to indicate that the second computer is using an IE ...
(alt.html)
Re: How to bring ActiveX to top?
... >>I have an application that runs as an ActiveX control within a browser ... >>window in question, or perhaps minimised it. ... >>program I need to bring the browser window containing the control to the ...
(comp.lang.pascal.delphi.misc)
Re: Servicelink and ActiveX controls
... matter what type of browser). ... annoying prompts and pop-ups that an activeX control ... did not execute are gone. ... For IBM-MAIN subscribe / signoff / archive access instructions, ...
(bit.listserv.ibm-main)
Re: What is better than ActiveX
... Actually it can but it has to be allowed by the user when the Java applet ... Basically whatever solution you choose and depending which level of control ... browser plugin. ... I know that ActiveX is an old technology. ...
(microsoft.public.dotnet.framework.aspnet)
RE: Form buttons vs. ActiveX Buttons
... an Activex Control can run in the design mode it selfduring the ... ActiveX Control are OLE Control which works in Windows environment only. ... OTOH a form button can be given the name of the routine to execute when the ... size and color of Active X labels but can't seem to do that for form labels. ...
(microsoft.public.excel.misc)