Vulnerability Development mailing list archives
Re: IE autosearch
From: White Vampire <whitevampire () mindless com>
Date: Sat, 23 Sep 2000 16:27:47 -0400
On Fri, Sep 22, 2000 at 08:21:16AM -0400, Backup(backup () NLS NET) wrote: : This morning I found something weird and was hoping someone here would know : how to change this. I consider this a security issue since I don't seem to : have any control over my browser telling this site what I'm searching for. : : IE 5.5 current build. : : I've changed all my search and autosearch settings to use yahoo. I've also : set all scripting to "prompt". : : Ok so this morning I mispell a url, I typed in www.southantq.com and up pops : a script prompt which I clicked no on. Now in my address bar I see : http://auto.search.msn.com/response.asp?MT=www.southantq.com&srch=1&prov=yah : o&utf8 : : where the heck is this coming from? I've searched the registry for : "auto.search" but nothing shows up. It's gotta be stored somewhere, anyone : know where? I have seen a lot of odd behavior with IE and referencing Microsoft URLs at inappropriate times. I had been meaning to look into this myself, it is definitely suspicious. It would be a good thing for the vuln-dev list to look into. I really have little factual information to add to this thread, so I apologize for any superfluous information. Regards, -- __ ______ ____ / \ / \ \ / / White Vampire\Rem \ \/\/ /\ Y / http://www.projectgamma.com/ \ / \ / http://www.webfringe.com/ \__/\ / \___/ http://www.gammaforce.org/ \/ "Silly hacker, root is for administrators."
Attachment:
_bin
Description:
Current thread:
- IE autosearch Backup (Sep 23)
- Re: IE autosearch White Vampire (Sep 24)