full-disclosure - Official IFRAME patch - make sure it installs correctly

lists.openwall.net		lists / announce john-users owl-users popa3d-users / xvendor oss-security / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4
Open Source and information security mailing list archives

This website is powered by Openwall GNU/*/Linux security-enhanced OS

[<prev] [next>] [thread-next>] [month] [year] [list]

From: skylined at edup.tudelft.nl (Berend-Jan Wever)
Subject: Official IFRAME patch - make sure it installs correctly

The IFRAME vulnerability has been patched, see http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx

*** Make sure you are patched after installing ***
I installed it using "Automatic Updates" (on Win2ksp4), rebooted and loaded my InternetExploiter.html: IT STILL WORKED!!
Even though both "Automatic Updates" and "http://windowsupdate.microsoft.com" reported that I was patched!?!
I manually downloaded the exe and ran it, rebooted and now I'm finally truely patched.

It might just have been a glitch on my system, but you might wanna check anyway: InternetExploiter.html can still be downloaded from my website.

Berend-Jan Wever
<skylined@...p.tudelft.nl>
http://www.edup.tudelft.nl/~bjwever
SkyLined in #SkyLined on EFNET

This email and any files transmitted with it are intended for the named recipient only. The information contained in this message may be confidential, legally privileged or commercially sensitive. If you are not the intended recipient you must not reproduce or distribute any part of the email, disclose its contents to any other party, or take any action in reliance on it. If you have received this email in error, please contact the sender immediately by return email and delete this message from your computer.