Vulnerability Development mailing list archives
Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer
From: Bill Weiss <houdini () nmt edu>
Date: Sun, 25 Nov 2001 20:38:29 -0700
Glenn Valenta(glenn () coloradostudios com)@Fri, Nov 23, 2001 at 05:21:21PM -0700:
Bill Weiss wrote:Mariusz Mazur(mariusz () isn pl)@Thu, Nov 22, 2001 at 08:09:46PM +0100:Is this just me or maybe more people think that releasing this "advisory" (though this should be called "intimidator") was completely irresponsible and plain stupid?I think the point was to show us that the MS policy is stupid. There's a hole, obviously it can be found, but MS doesn't want us to know about it.The main facet of the problem is that there is no way to fully disable IE and outlook from any MS product. These seem to have been the foundation for most all of the trojans and viruses the last few years. Just disabling these products would have kept us safe from viruses for the last two years. I'm not sure how I'm going to handle this passport crap yet except to ban XP from our company.
Win98Lite claims to totally take IE out of Windows, and make Windows more stable as a result. I haven't tested it yet. As for Outlook (Express), I've been able to take it off my machine. It took a good deal of registry work, and remembering to redo everything each time I install a IE patch. It's nice not to worry about worms opening it, though. -- Bill Weiss
Current thread:
- [ALERT] Remote File Execution By Web or Mail: Internet Explorer hush . little . baby (Nov 21)
- RE: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Steve (Nov 21)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Mariusz Mazur (Nov 22)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Robert Collins (Nov 22)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Bill Weiss (Nov 22)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Glenn Valenta (Nov 23)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Bill Weiss (Nov 25)
- Re[2]: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Mariusz Mazur (Nov 23)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Markus Kern (Nov 23)
- <Possible follow-ups>
- RE: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Ben Smee (Nov 22)
- Re[2]: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Mariusz Mazur (Nov 23)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer Thomas Schweikle (Nov 27)
- Re: [ALERT] Remote File Execution By Web or Mail: Internet Explorer terry white (Nov 27)