Bugtraq mailing list archives
Re: Microsoft Security Bulletin MS01-012
From: foobar () COTSE COM
Date: Tue, 27 Feb 2001 16:06:00 -0500
On Tue, 27 Feb 2001 01:04:04 +0200, Philip Stoev wrote: | > >Mitigating Factors: | > >==================== | > > - There is no means by which a Vcard could be made to open | > > automatically. | > | > This is not entirely accurate. If you are in the habit of collecting these | > odd things, you will have most certainly uncheck-marked the security | warning | > a long time ago. In that case it is less than trivial to open the Vcard | > automatically: | | On IE 5.50.4522.180 with OE 5.50.4133.2400 on Windows 2000 Professional SP1, | the user is always prompted. There is no way to uncheck the "ask me" box, | because it is disabled (except by editing the registry). I think this also | applies for the initial OE 5. | | Philip Internet Explorer 5.50.4522.1800 with Outlook Express 5.50.*4522.1200* has it and functions per the demonstration. Definitely a kicker if you have ever opened vcards in newsgroup posts or mail, you disengage the warning the first time. To enable the warning again, on win9X do my computer|folder options|file types|vcard|edit|[x] confirm open after download HTH Foo
Current thread:
- Microsoft Security Bulletin MS01-012 Microsoft Product Security (Feb 23)
- <Possible follow-ups>
- Re: Microsoft Security Bulletin MS01-012 joelmoses (Feb 26)
- Re: Microsoft Security Bulletin MS01-012 http-equiv () excite com (Feb 26)
- Re: Microsoft Security Bulletin MS01-012 Philip Stoev (Feb 27)
- Re: Microsoft Security Bulletin MS01-012 Chris Timmons (Feb 28)
- Re: Microsoft Security Bulletin MS01-012 Philip Stoev (Feb 27)
- Re: Microsoft Security Bulletin MS01-012 foobar (Feb 28)