Re: IE Security Hole

2002-02-28 Thread Nick McClure
Not using Linux on the desktop (yet), but I get that same grin, Seing I still use netscape and eudora. >Yup... don't use IE!!!:^) > >I have to admit that since switching to Linux, a smug little grin >appears on my face everytime I hear people mention security holes in IE >and Windows, or tha

Re: IE Security Hole

2002-02-28 Thread Nick Texidor
On Fri, 2002-03-01 at 03:04, Nick McClure wrote: > I'm > not sure how you could protect your users against this kind of attack. > Suggestions anyone? Yup... don't use IE!!!:^) I have to admit that since switching to Linux, a smug little grin appears on my face everytime I hear people mention

RE: RE: IE Security Hole

2002-02-28 Thread Nick McClure
To an extent. Just because this guy put C: in the list of possible locations. It would be easy enough to list through a few major hard dive locations. One thing that would save you, Not naming the directory winnt or windows. MS recommends that you not use the default names if you are worried a

RE: RE: IE Security Hole

2002-02-28 Thread Kola Oyedeji
Aha so simply by installing my operating system on another drive other than c I have protected myself! ;-) Kola > -Original Message- > From: Mike Townend [mailto:[EMAIL PROTECTED]] > Sent: 28 February 2002 17:48 > To: CF-Community > Subject: RE: RE: IE Security Hole >

RE: RE: IE Security Hole

2002-02-28 Thread Mike Townend
17:39 To: CF-Community Subject: RE: RE: IE Security Hole I'm using win 2k professional does that make a difference? Kola > > It will only work on OS'es with "cmd.exe" as a command interpreter... > Windows

RE: RE: IE Security Hole

2002-02-28 Thread Kola Oyedeji
I'm using win 2k professional does that make a difference? Kola > > It will only work on OS'es with "cmd.exe" as a command interpreter... > Windows XP and Win2000. ME, 98, 95 and NT 4 still use command.com. > __ Your ad co

Re: IE Security Hole

2002-02-28 Thread Todd
I've already noticed that if you change the value in %1=' ', it affects what directory path is listed. Todd - Original Message - From: "Mike Townend" <[EMAIL PROTECTED]> To: "CF-Community" <[EMAIL PROTECTED]> Sent: Thursday, February

Re: Re:RE: IE Security Hole

2002-02-28 Thread Todd
Well, you can add the paths to command.com in to the array also and it will work on those OS' too. ;) Todd - Original Message - From: "C. Hatton Humphrey" <[EMAIL PROTECTED]> To: "CF-Community" <[EMAIL PROTECTED]> Sent: Thursday, February 28, 2002

RE: IE Security Hole

2002-02-28 Thread Mike Townend
So if anyone can post how I could pass them in.. As im having issues working that out (not used the tag) were gonna play with the boss ;) -Original Message- From: Mike Townend [mailto:[EMAIL PROTECTED]] Sent: 28 February 2002 17:10 To: CF-Community Subject: RE: IE Security Hole

RE: IE Security Hole

2002-02-28 Thread Mike Townend
February 2002 16:48 To: CF-Community Subject: Re: IE Security Hole Yea, I think it can pass parameters. Not commands to the dos prompt, but it could open things with command line options. like shutdown for those of you that have the WinNT or 2k resource kit installed. At 11:36 AM 2/28/2002 -0500

Re:RE: IE Security Hole

2002-02-28 Thread C . Hatton Humphrey
It will only work on OS'es with "cmd.exe" as a command interpreter... Windows XP and Win2000. ME, 98, 95 and NT 4 still use command.com. Hatton >Doesn't do anything on my machine! I just get a white square. > >Kola > >> Have you all done all the IE security updates? Are we wasting our >> ti

RE: IE Security Hole

2002-02-28 Thread Kola Oyedeji
Doesn't do anything on my machine! I just get a white square. Kola > -Original Message- > From: Nick McClure [mailto:[EMAIL PROTECTED]] > Sent: 28 February 2002 16:05 > To: CF-Community > Subject: IE Security Hole > > > Just got this over the wire th

Re: IE Security Hole

2002-02-28 Thread Nick McClure
>- Original Message - >From: "Nick McClure" <[EMAIL PROTECTED]> >To: "CF-Community" <[EMAIL PROTECTED]> >Sent: Thursday, February 28, 2002 11:04 AM >Subject: IE Security Hole > > > > Just got this over the wire thought you might be intere

RE: IE Security Hole

2002-02-28 Thread Haggerty, Michael A.
I went to the link and did not see a DOS box. Using IE 5.50 unpatched. Mike -Original Message- From: Todd [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 28, 2002 11:37 AM To: CF-Community Subject: Re: IE Security Hole OK .. it can open programs, but can it pass parameters to make

Re: IE Security Hole

2002-02-28 Thread Todd
- Original Message - From: "Nick McClure" <[EMAIL PROTECTED]> To: "CF-Community" <[EMAIL PROTECTED]> Sent: Thursday, February 28, 2002 11:04 AM Subject: IE Security Hole > Just got this over the wire thought you might be interested: > > Have you all done all

IE Security Hole

2002-02-28 Thread Nick McClure
Just got this over the wire thought you might be interested: Have you all done all the IE security updates? Are we wasting our time? Read below. I thought you might be interested in trying this and then see your hair stand out. When I tried it just now (Wednesday Feb 27, 11am) it still worked. I