lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <969653E17315064BA3EFBBA57C8458DC02159CCD@clbilarr01a.iberdrola.es>
Date: Fri, 3 Dec 2004 10:11:20 +0100
From: "Rivera Alonso, David" <drivera@...rdrola.es>
To: "'Berend-Jan Wever'" <skylined@...p.tudelft.nl>,
   full-disclosure@...ts.netsys.com, bugtraq@...urityfocus.com
Subject: RE: Official IFRAME patch - make sure it installs correctly



Same happened to me.
I went to WindowsUpdate, patched it and run MBSA, who told it wasn't
patched. I had to download the .EXE and run again. After the reboot, MBSA
told I was safe.

-----Mensaje original-----
De: Berend-Jan Wever [mailto:skylined@...p.tudelft.nl] 
Enviado el: jueves, 02 de diciembre de 2004 1:50
Para: full-disclosure@...ts.netsys.com; bugtraq@...urityfocus.com
Asunto: Official IFRAME patch - make sure it installs correctly


The IFRAME vulnerability has been patched, see
http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx

*** Make sure you are patched after installing ***
I installed it using "Automatic Updates" (on Win2ksp4), rebooted and loaded
my InternetExploiter.html: IT STILL WORKED!!
Even though both "Automatic Updates" and
"http://windowsupdate.microsoft.com" reported that I was patched!?!
I manually downloaded the exe and ran it, rebooted and now I'm finally
truely patched.

It might just have been a glitch on my system, but you might wanna check
anyway: InternetExploiter.html can still be downloaded from my website.

Berend-Jan Wever
<skylined@...p.tudelft.nl>
http://www.edup.tudelft.nl/~bjwever
SkyLined in #SkyLined on EFNET





=============================
Este mensaje se dirige exclusivamente a su destinatario.
Puede contener informacion confidencial sometida a secreto profesional o cuya divulgacion
este prohibida, en virtud de la legislacion vigente. No esta permitida su divulgacion,
copia o distribucion a terceros sin la autorizacion previa y por escrito de Iberdrola.
Si ha recibido este mensaje por error, le rogamos nos lo comunique inmediatamente
por esta misma via y proceda a su destruccion.

This e-mail is intended exclusively for the individual or entity to which it is addressed
and may contain confidential or legally privileged information, which may not be disclosed
under current legislation. Any form of disclosure, copying or distribution of this e-mail
is strictly prohibited, save with written authorisation from Iberdrola.
If you have received this message in error, please notify the sender immediately by e-mail
and delete all copies of the message.
=============================

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ