| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY24-DAV14A2684DE405B7FCF76392DAB00@phx.gbl> From: billybobknob at hotmail.com (BillyBob) Subject: Official IFRAME patch - make sure it installs correctly Does anyone know why Microsoft does not have this patch available for XP (no SP) running IE6 ? I know this system is vulnerable to the IFRAME exploit as I tested it. Bill ----- Original Message ----- From: "Berend-Jan Wever" <skylined@...p.tudelft.nl> To: <full-disclosure@...ts.netsys.com>; <bugtraq@...urityfocus.com> Sent: Wednesday, December 01, 2004 8:49 PM Subject: [Full-Disclosure] Official IFRAME patch - make sure it installs correctly > The IFRAME vulnerability has been patched, see http://www.microsoft.com/technet/security/bulletin/ms04-040.mspx > > *** Make sure you are patched after installing *** > I installed it using "Automatic Updates" (on Win2ksp4), rebooted and loaded my InternetExploiter.html: IT STILL WORKED!! > Even though both "Automatic Updates" and "http://windowsupdate.microsoft.com" reported that I was patched!?! > I manually downloaded the exe and ran it, rebooted and now I'm finally truely patched. > > It might just have been a glitch on my system, but you might wanna check anyway: InternetExploiter.html can still be downloaded from my website. > > Berend-Jan Wever > <skylined@...p.tudelft.nl> > http://www.edup.tudelft.nl/~bjwever > SkyLined in #SkyLined on EFNET > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html >
Powered by blists - more mailing lists