Re: Admin.dll (strings ./Admin.dll)

[Gary Flynn <flynngn () jmu edu>]

Gary Flynn wrote:
> "Robert D." wrote:
> > I'm I correct assuming this is the same problem discussed in MS00-043?
>
> I think its MS01-033.
> http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-033.asp

Arghh. I'm getting punchy and trying to do too many things at
once. That should be MS01-020.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp

> That is probably for the better though. As I understand it,
> the MS00-043 defect would trigger as soon as Outlook was started
> and it read the mail headers. :(
>
> > In that case the following configurations are safe:
> >
> > IE 5.01 SP1 or later
> > IE 5.5 or later ( except Windows 2000, sp1 safe?? )
>
> If its MS01-033, they're not :)
>
> Worse, only 5.01sp1 and 5.5sp1 have patches available for
> them. That means the Windows Update Site doesn't help.
> I just went there with 5.50.4134.0600IS and it didn't tell
> me I needed the patch.
>
> You haven't lived until you've tried to talk a Windows 95
> user with IE3 through the update process. :(
>
> http://www.jmu.edu/computing/info-security/engineering/issues/iemime.shtml
>
> --
> Gary Flynn
> Security Engineer - Technical Services
> James Madison University
>
> Please R.U.N.S.A.F.E.
> http://www.jmu.edu/computing/runsafe


-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe