lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <28BDBE0CC1D28149A5765F27757ED1D407A5D1@mystique.natasha.bridgecomtel.com>
Date: Thu, 17 Jul 2003 13:35:12 -0400
From: "Jackson, Chris" <CJackson@...dgecom.com>
To: "'Siddhartha Jain(IT)'" <SiddharthaJ@...kmuscat.com>,
	"BUGTRAQ@...URITYFOCUS. COM" <BUGTRAQ@...urityfocus.com>
Subject: RE: Windows Update - Unsafe ActiveX control


> "An ActiveX control on this page is not safe. Your current security
settings
> prohibit running unsafe controls on this page. As a result, this page may
> not display as intended."
> So Microsoft expects me download critical patches using an unsafe ActiveX
> control??

Safe for Scripting indicates that a control does not access files, memory,
or registers directly. The only purpose of the Windows Update control is to
access (and update) files directly, so it should not be marked as safe for
scripting.

-- 
Chris Jackson
Software Engineer
Microsoft MVP
--

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ