Re: IE bypasses Zonealarm

Oh, now I understand what...

However recently I brought up the IE browser which is hidden in
Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
left and click jump to URL)

....means! Thanks. You're CystalBall was working better than mine. <w>
--
~PA Bear

jwgoerlich@xxxxxxxxx wrote:
It is actually Microsoft HTML Help Executable (hh.exe) rather than
Wordpad or Internet Explorer that is bypassing your security settings.
You can verify this by opening any compiled help (*.chm) file. I had
not known that this could be used to bypass Zonealarm, but it has long
been a security concern in Citrix/Terminal Services environments.

Regards,

J Wolfgang Goerlich

On Aug 28, 1:48 am, Antonicus <anthonyleal...@xxxxxxxxx> wrote:
I have Zonealarm Version 7 and use Opera and Firefox exclusively on
XP.

However recently I brought up the IE browser which is hidden in
Wordpad. ( Click Help Topics in Wordpad, Click the Question Mark top
left and click jump to URL)

I was able to connect towww.aliceinvideoland.co.nz and use its
search functions( even though there was a specific block on " Mobile
code" Zonealarms name for a mix of Javascript, vbscript, Java and
Active X)

Opera and Firefox were unable to get through this block to operate the
search function as one would expect.

When this block was removed Firefox and Opera could then access the
site to use the search function.

This implies that this embedded IE is able to do an end run around
firewalls even though the Firewall is specifically set to black code
from a specific site.

I must admit to be most unpleasantly surprised when IE broke security
in this fashion.
.