[19415] in bugtraq
Re: Microsoft Security Bulletin MS01-012
daemon@ATHENA.MIT.EDU (Chris Timmons)
Wed Feb 28 03:03:22 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-ID: <EMEPLFDIHLGLOIHLKFPDEEBDCEAA.chris-timmons@home.com>
Date: Tue, 27 Feb 2001 21:28:15 -0500
Reply-To: Chris Timmons <chris-timmons@HOME.COM>
From: Chris Timmons <chris-timmons@HOME.COM>
X-To: Philip Stoev <philip@STOEV.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <00a101c0a048$6ae6bd50$0100a8c0@zara>
Not true either..
Open File Explorer and got Tools -> Options -> File Types, scroll down to
.vcf, click advanced, and just uncheck "confirm open after download". You
open it, it won't ask you. If you have checked it, or any of your users
have, it will ask again. Running logon scripts in a network, or sending any
other "executable" file :) (depending on motives) you want to send someone
can enable or disable this feature.
The same goes for any type of file extension. If it is a blind link on
website, it will run without prompting to open or save if
disabled/unchecked. You will of course get the open vcf file, and still have
the option to save or discard then, but by then the damage is done?
; Enable confirm after download / opening (checked):
[HKEY_CLASSES_ROOT\vcffile]
"EditFlags"=dword:0
; Disable confirm after download / opening: (unchecked)
[HKEY_CLASSES_ROOT\vcffile]
"EditFlags"=dword:0x1000
Chris
---------------------
Humanity has advanced, when it has advanced, not because it has been sober,
responsible, and cautious, but because it has been playful, rebellious, and
immature.
- Tom Robbins
-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ@SECURITYFOCUS.COM]On Behalf Of Philip
Stoev
Sent: February 26, 2001 18:04
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Re: Microsoft Security Bulletin MS01-012
> >Mitigating Factors:
> >====================
> > - There is no means by which a Vcard could be made to open
> > automatically.
>
> This is not entirely accurate. If you are in the habit of collecting these
> odd things, you will have most certainly uncheck-marked the security
warning
> a long time ago. In that case it is less than trivial to open the Vcard
> automatically:
On IE 5.50.4522.180 with OE 5.50.4133.2400 on Windows 2000 Professional SP1,
the user is always prompted. There is no way to uncheck the "ask me" box,
because it is disabled (except by editing the registry). I think this also
applies for the initial OE 5.
Philip
