Re: IE autosearch

[White Vampire <whitevampire () mindless com>]

On Fri, Sep 22, 2000 at 08:21:16AM -0400, Backup(backup () NLS NET) wrote:
: This morning I found something weird and was hoping someone here would know
: how to change this. I consider this a security issue since I don't seem to
: have any control over my browser telling this site what I'm searching for.
: 
: IE 5.5 current build.
: 
: I've changed all my search and autosearch settings to use yahoo. I've also
: set all scripting to "prompt".
: 
: Ok so this morning I mispell a url, I typed in www.southantq.com and up pops
: a script prompt which I clicked no on. Now in my address bar I see
: http://auto.search.msn.com/response.asp?MT=www.southantq.com&srch=1&prov=yah
: o&utf8
: 
: where the heck is this coming from? I've searched the registry for
: "auto.search" but nothing shows up. It's gotta be stored somewhere, anyone
: know where?

        I have seen a lot of odd behavior with IE and referencing
Microsoft URLs at inappropriate times.  I had been meaning to look into
this myself, it is definitely suspicious.  It would be a good thing for
the vuln-dev list to look into.

        I really have little factual information to add to this thread,
so I apologize for any superfluous information.

Regards,
-- 
    __      ______   ____
   /  \    /  \   \ /   / White Vampire\Rem
   \   \/\/   /\   Y   /  http://www.projectgamma.com/
    \        /  \     /   http://www.webfringe.com/
     \__/\  /    \___/    http://www.gammaforce.org/
          \/ "Silly hacker, root is for administrators."

Attachment: _bin
Description: