IE vulnerability not completely covered by last patch

anonymous_at_discussions.microsoft.com
Date: 12/04/03 

Date: Thu, 4 Dec 2003 12:28:34 -0800

Fred,
None of them and all of them. Each one of those items
have a 'setting'. Depending on the parameters, they can
hold different information. Generally, 0 is off, 1 is
on. But they can be different from 'off' and 'on'.

Please be cautious. You sound like you're on the verge
of a very big cliff.

Good Luck,
sysadmin - anon
>-----Original Message-----
>I do hope I have come to the right place to post my
>question.
>It has been brought to my attention that the last patch
>did not completely resolve the vulnerability issue in
>Internet Explorer and that officials at the CERT
>Coordination Center suggest that editing the Registry by
>means of a "key" deletion or name change would bring
>about the desired results. The key that needs to be
>renamed or deleted is:
>HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MIME\Database\Content
 
>Type\application/hta.
>I am somewhat of a novice but I am learning. I have made
>registry changes only under the instructions of someone
>knowledgeable enough to walk me through the process
>therefore, I am uncomfortable at changing the name or
>deleting something in there. When I opened "Regedit" and
>eventually found the folder above, it contained three
>entrees ("Default", "CLSID" and "Extension"). Which one
>is the "Key"? Do I delete all or, change the name of all
>of three? Or, Do I just change the name of the folder in
>the tree view in the left window pane?
>
>Your Friend,
>fhurst
>.
>

Quantcast