If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Big Flaw in IE demonstrated by this test....
Saw this at another MS Newsgroup, and was quite shocked.
This below is a copy/paste of that post: From: "Cnews-ms" Subject: Test your IE browser for serious vulnerabilty Date: Sat, 3 Jul 2004 18:13:46 -0500 paste If you must continue using IE please go to the site below. I am concerned because I applied the Microsoft Fix today, rebooted and IE still failed the test. Mozilla and Firefox passed. see for yourself . test http://secunia.com/multiple_browsers...bility_te st/ CR -- http://QLiner.com /paste -- LuckyStrike How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm http://home.satx.rr.com/badour/html/post.html -------------------------------------------------------------------- |
#2
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy has been found
Looking closer into the issue revealed the solution for IE6 SP-1. By
disabling "Navigate sub-frames across different domains" in the security tab, the problem was eliminated. Did a test and it passed. :-) Internet Explorer Frame Injection Vulnerability http://secunia.com/advisories/11966/ -- LuckyStrike -------------------------------------------------------------------- |
#3
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy has been found
I just tried what you said on my IE6sp1 in the security
tab and after doing that I wasn't able to view posts and certain newsgroups and forum sites. -----Original Message----- Looking closer into the issue revealed the solution for IE6 SP-1. By disabling "Navigate sub-frames across different domains" in the security tab, the problem was eliminated. Did a test and it passed. :-) Internet Explorer Frame Injection Vulnerability http://secunia.com/advisories/11966/ -- LuckyStrike om ---------------------------------------------------------- ---------- . |
#4
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy has been found
Which sites and what posts? Obviously this one wasn't affected. I've not
experienced any problems whatsoever. But if you feel you have some issues with it, simply undo the change, and see if things clear up for you. I mean it isn't like having installed an un-removable patch. Using W98SE here *fully updated* right up through todays' Windows Critical update KB870669. -- LuckyStrike How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm http://home.satx.rr.com/badour/html/post.html -------------------------------------------------------------------- "pod" wrote in message ... I just tried what you said on my IE6sp1 in the security tab and after doing that I wasn't able to view posts and certain newsgroups and forum sites. -----Original Message----- Looking closer into the issue revealed the solution for IE6 SP-1. By disabling "Navigate sub-frames across different domains" in the security tab, the problem was eliminated. Did a test and it passed. :-) Internet Explorer Frame Injection Vulnerability http://secunia.com/advisories/11966/ -- LuckyStrike om ---------------------------------------------------------- ---------- . |
#5
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy hasbeen found
LuckyStrike wrote:
Looking closer into the issue revealed the solution for IE6 SP-1. By disabling "Navigate sub-frames across different domains" in the security tab, the problem was eliminated. Did a test and it passed. :-) Internet Explorer Frame Injection Vulnerability http://secunia.com/advisories/11966/ Hi LS, Here's a more certain cu http://www.mozilla.org/products/firefox/ mm |
#6
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy has been found
Which sites? Well this site that I'm posting from is one
example. Had to undo the change to view any posts. But it's no biggie I was just trying it out and clearly there's some disadvantages to disabling that feature in the security tab. Each to their own I guess And yes my win98se is fully updated too... -----Original Message----- Which sites and what posts? Obviously this one wasn't affected. I've not experienced any problems whatsoever. But if you feel you have some issues with it, simply undo the change, and see if things clear up for you. I mean it isn't like having installed an un-removable patch. Using W98SE here *fully updated* right up through todays' Windows Critical update KB870669. -- LuckyStrike om How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm http://home.satx.rr.com/badour/html/post.html ---------------------------------------------------------- ---------- "pod" wrote in message ... I just tried what you said on my IE6sp1 in the security tab and after doing that I wasn't able to view posts and certain newsgroups and forum sites. -----Original Message----- Looking closer into the issue revealed the solution for IE6 SP-1. By disabling "Navigate sub-frames across different domains" in the security tab, the problem was eliminated. Did a test and it passed. :-) Internet Explorer Frame Injection Vulnerability http://secunia.com/advisories/11966/ -- LuckyStrike om ------------------------------------------------------- --- ---------- . . |
#7
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy has been found
Oh, I see. You're talking about the MS Web based newsgroup site. Yeah, I'd
guess you might have to set that feature to prompt if you want to access the posts. I guess they originate from different domains. :-) This aspect will not bother me as far as this issue goes; I don't use the Website to access these newsgroups, but rather prefer Outlook Express to provide that function. You should try it...you'd like it. I admit, I went there and tried and it is just as you've said. As to what other negative effects may occur, I don't know. I've ventured to a multitude of sites and strangely (or not so strangely?) the MS site is the first to have balked. Will you say it or shall it be me? "Typical"! ;-D -- LuckyStrike How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm http://home.satx.rr.com/badour/html/post.html -------------------------------------------------------------------- "pod" wrote in message ... Which sites? Well this site that I'm posting from is one example. Had to undo the change to view any posts. But it's no biggie I was just trying it out and clearly there's some disadvantages to disabling that feature in the security tab. Each to their own I guess And yes my win98se is fully updated too... -----Original Message----- Which sites and what posts? Obviously this one wasn't affected. I've not experienced any problems whatsoever. But if you feel you have some issues with it, simply undo the change, and see if things clear up for you. I mean it isn't like having installed an un-removable patch. Using W98SE here *fully updated* right up through todays' Windows Critical update KB870669. -- LuckyStrike om How to make a good newsgroup post: http://www.dts-l.org/goodpost.htm http://home.satx.rr.com/badour/html/post.html ---------------------------------------------------------- ---------- "pod" wrote: ... I just tried what you said on my IE6sp1 in the security tab and after doing that I wasn't able to view posts and certain newsgroups and forum sites. snipped |
#8
|
|||
|
|||
Big Flaw in IE demonstrated by this test.... but a remedy has been found
Perhaps you are right MM. That "simple fix" could be a hassle. If one sets
to prompt or disable as I do for a lot of things, it may be a week before you actually can access the site, if ones' finger doesn't get totally cramped from all the clicking for no Scripts, no ActiveX, oh ok...navigate sub-frames, uh -oh... ISP timed-out. ;-D "Mostly Me (MM)" wrote in message ... LuckyStrike wrote: Looking closer into the issue revealed the solution for IE6 SP-1. By disabling "Navigate sub-frames across different domains" in the security tab, the problem was eliminated. Did a test and it passed. :-) Internet Explorer Frame Injection Vulnerability http://secunia.com/advisories/11966/ Hi LS, Here's a more certain cu http://www.mozilla.org/products/firefox/ mm |
Thread Tools | |
Display Modes | |
|
|