| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Jul 2003 09:37:18 +0400 From: "Siddhartha Jain(IT)" <SiddharthaJ@...kmuscat.com> To: "BUGTRAQ@...URITYFOCUS. COM" <BUGTRAQ@...urityfocus.com> Subject: Windows Update - Unsafe ActiveX control Hello, I just tried to download the latest Microsoft security update by using the Windows update utility in Internet Explorer. However, I could not do so because I had disabled all ActiveX controls in the security settings (after reading a terrifying paper on ActiveX security). After this I enabled "Download Signed ActiveX Controls" and "Run ActiveX controls and plugins". I ran the Windows update utility again and got this message: "An ActiveX control on this page is not safe. Your current security settings prohibit running unsafe controls on this page. As a result, this page may not display as intended." URL: http://v4.windowsupdate.microsoft.com/en/default.asp After I clicked "Ok", I got the error message that this utility is to run by "Administrators Only". I am running Microsoft Windows 2000 Server SP4 and IE 6.0.2800.1106 SP1 Q818529. So Microsoft expects me download critical patches using an unsafe ActiveX control?? Regards, Siddhartha Jain "This email message is intended for the named recipient only. It may be privileged and/or confidential. If you are not the intended named recipient of this email then you should not copy it or use it for any purpose, nor disclose its contents to any other person which is strictly prohibited and unlawful"
Powered by blists - more mailing lists