funsec mailing list archives
RE: Re: Image-handling flaws put Windows PCs at risk
From: "Wolfe, James M" <james.m.wolfe () lmco com>
Date: Wed, 09 Nov 2005 09:11:54 -0500
I remember when the VBS viruses started making the rounds if you had an NT 4 machine you could simply delete scrrun.dll and you'd be OK. Win 2K on the other hand which was just coming out at the time would put the file back no matter if you deleted it, renamed it, or tried sticking in a zero byte file. So much for being able to remove features that you don't want. Regards, James -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Richard M. Smith Sent: Tuesday, November 08, 2005 8:03 PM To: funsec () linuxbox org Subject: [funsec] Re: Image-handling flaws put Windows PCs at risk Re: http://news.com.com/Image-handling+flaws+put+Windows+PCs+at+risk/2100-10 02_3 -5940047.html?tag=nefd.top (AKA http://tinyurl.com/amy44) When I see these kind of bugs, I always wonder if there is some way to turn off the unneeded feature rather than getting a patch. Disabling the feature protects against the next security hole in the unneeded feature...... I also wonder if there is a some method of scanning the registry to learn about all the image file formats that IE supports in the <img> tag and similar tags. Last time I checked, the GIF and JPEG formats are all we need. Richard _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Image-handling flaws put Windows PCs at risk Richard M. Smith (Nov 08)
- Re: Re: Image-handling flaws put Windows PCs at risk Jeff Rosowski (Nov 08)
- <Possible follow-ups>
- RE: Re: Image-handling flaws put Windows PCs at risk Wolfe, James M (Nov 09)
- RE: Re: Image-handling flaws put Windows PCs at risk Richard M. Smith (Nov 09)
- RE: Re: Image-handling flaws put Windows PCs at risk Barrie Dempster (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk James Eaton-Lee (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Wolfe, James M (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Barrie Dempster (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Drsolly (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk James Eaton-Lee (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Drsolly (Nov 10)
- RE: Re: Image-handling flaws put Windows PCs at risk Barrie Dempster (Nov 10)