I heard that the recent RDS/MSDACS vulnerability had a patch out (MS0-065 I think was the one) that didn't fix the problem for good, only a temp fix. Now Microsoft has released the next cumulative patch for IE (Q324929) which includes the MSDACS fix, and I was wondering if anyone knew if that fix worked on a more permanent basis? I applied the patch and then ran a scan using the two plugins that go through port 80 to find the file, and they pick up the file and label it as vulnerable, however they only look for the file, not check to see if it's still exploitable, so I'm still not sure if the new patch works or not.
Robert Alvey
Code 19, Apprentice
(360) 315-3159
A+ Certified, CFOI
