[30151] in bugtraq
RE: Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED
daemon@ATHENA.MIT.EDU (=?iso-8859-2?B?UGF3ZbMgR29sZfE=?=)
Thu May 15 18:05:23 2003
From: "=?iso-8859-2?B?UGF3ZbMgR29sZfE=?=" <pgolen@cryptotech.com.pl>
To: <bugtraq@securityfocus.com>
Date: Thu, 15 May 2003 23:52:02 +0200
Message-ID: <000701c31b2c$386fd530$c801a8c0@barska.net>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-2"
Content-Transfer-Encoding: 7bit
In-Reply-To: <200305152105.h4FL5sml025998@web156.megawebservers.com>
> Harmless .exe
>
> http://www.malware.com/forceframe.html
>
> Note: may of course be different on other machines [i.e. processor
> power...increase amount of frame 'suppose]
>
> Well Done ! It's a beauty !
It does not work for me ;) OK., it works :( But there is an easy way to
protect your system using NTFS file system or Software Restriction Policy
in Windows XP or Windows 2003. You must change NTFS permission not to
allow run executable code _or_ create path rule in Software Restriction
Policy that prohibits programs from run from temporary internet files. I
think that this solution may be usefull before Microsoft fix this error.
--
Pawel Golen
mailto:p_golen@ks.onet.pl
