Security Hole!

[Guest]

My Spybot Search&Destroy reports security holes in IE6 and says
it needs a registry change. The holes are:
DSO Exploit: Data source object exploit
IN
HKEY_USERS\ ... Internet Settings\Zones\0\1004=W=3

Q 1: Can I manually correct the settings?

Q 2: Should W=4?

<*((((><{
(e-mail address removed)

 

[Ramesh [MVP]]

Does it say "DSO Exploit: Data source object exploit (Registry change, fixed)"

1004 refers to 'Download unsigned ActiveX controls' and 3 is the recommended value.

http://support.microsoft.com/default.aspx?scid=kb;EN-US;182569

--
Ramesh - Microsoft MVP
Windows XP Shell
http://www.mvps.org/sramesh2k
---------------------------------------
What You Should Know About the Sasser Worm and It Variants:
http://www.microsoft.com/security/incident/sasser.asp
---------------------------------------


My Spybot Search&Destroy reports security holes in IE6 and says
it needs a registry change. The holes are:
DSO Exploit: Data source object exploit
IN
HKEY_USERS\ ... Internet Settings\Zones\0\1004=W=3

Q 1: Can I manually correct the settings?

Q 2: Should W=4?

<*((((><{
(e-mail address removed)

 

[Guest]

It doesn't say "fixed".

<*((((><{
(e-mail address removed)

On Fri, 14 May 2004 11:28:32 +0530, "Ramesh [MVP]"

|Does it say "DSO Exploit: Data source object exploit (Registry change, fixed)"
|
|1004 refers to 'Download unsigned ActiveX controls' and 3 is the recommended value.
|
|http://support.microsoft.com/default.aspx?scid=kb;EN-US;182569
|
|--
|Ramesh - Microsoft MVP
|Windows XP Shell
|http://www.mvps.org/sramesh2k
|---------------------------------------
|What You Should Know About the Sasser Worm and It Variants:
|http://www.microsoft.com/security/incident/sasser.asp
|---------------------------------------
|
|
|My Spybot Search&Destroy reports security holes in IE6 and says
|it needs a registry change. The holes are:
|DSO Exploit: Data source object exploit
|IN
| HKEY_USERS\ ... Internet Settings\Zones\0\1004=W=3
|
|Q 1: Can I manually correct the settings?
|
|Q 2: Should W=4?
|
|<*((((><{
|[email protected]

 

[Ramesh [MVP]]

Sorry! not much idea on that. You could post this in Spywareinfo.com forums for expert advice on this.

--
Ramesh - Microsoft MVP
Windows XP Shell
http://www.mvps.org/sramesh2k
---------------------------------------
What You Should Know About the Sasser Worm and It Variants:
http://www.microsoft.com/security/incident/sasser.asp
---------------------------------------


It doesn't say "fixed".

<*((((><{
(e-mail address removed)

On Fri, 14 May 2004 11:28:32 +0530, "Ramesh [MVP]"

|Does it say "DSO Exploit: Data source object exploit (Registry change, fixed)"
|
|1004 refers to 'Download unsigned ActiveX controls' and 3 is the recommended value.
|
|http://support.microsoft.com/default.aspx?scid=kb;EN-US;182569
|
|--
|Ramesh - Microsoft MVP
|Windows XP Shell
|http://www.mvps.org/sramesh2k
|---------------------------------------
|What You Should Know About the Sasser Worm and It Variants:
|http://www.microsoft.com/security/incident/sasser.asp
|---------------------------------------
|
|
|My Spybot Search&Destroy reports security holes in IE6 and says
|it needs a registry change. The holes are:
|DSO Exploit: Data source object exploit
|IN
| HKEY_USERS\ ... Internet Settings\Zones\0\1004=W=3
|
|Q 1: Can I manually correct the settings?
|
|Q 2: Should W=4?
|
|<*((((><{
|[email protected]