also @ TechSpot: Google, Samsung unveil Chromebook, Chromebox with Chrome OS 19

TechSpot
Register now for a live online demo to see how the Office 365 suite of tools
- professional email, calendars, video conferencing, and file sharing -

New instant messenger exploit

Discussion in 'General Discussion' started by TS | Thomas, Feb 19, 2004.

Thread Status:
Not open for further replies.

  1. TS | Thomas Newcomer, in training

    Vulnerable
    ----------
    - Microsoft Internet Explorer 6.0 (lower was not tested)
    - Microsoft Windows XP Pro
    - Microsoft Windows XP Home
    - Microsoft Windows 2003 Server Enterprise
    - AOL Instant Messenger 5.5 to 4.3 tested

    There is a problem in internet explorer where a file can be displayed as html even though the file is not an html file. Also the file can be run in My Computer zone where lower restrictions apply. Aol instant messenger buddy icons (& maybe themes not tested) is just ONE way to get a file in a known location on the hard drive. All environments where tested fully patched from Windows Update & double checked with Microsoft Baseline Security Analyzer 1.2.

    Would you like to know more? Qwik-Fix (If you've not already installed it), protects against this vulnerability.
    TS | Thomas, Feb 19, 2004
    #1
Thread Status:
Not open for further replies.