G
Guest
I read about a new IE vulnerability at Secunia today and tried their test to
see if my PC was vulnerable with active scripting enabled. It did not appear
to be vulnerable. I changed my settings for navigating subframes across
domains from disable to enable and Windows Defender gave me an alert about
changing my homepage!!! This alert does not seem pertinet to what I was doing:
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 4/6/2006
Time: 12:03:23 PM
User: N/A
Computer: JUDITH
Description:
Windows Defender Real-Time Protection agent has detected potential malware.
For more information please see the following:
http://www.microsoft.com
Scan ID: {21F710B8-013D-4ED4-B33E-5741845D8203}
User: JUDITH\Paul
Threat Name: Unknown
Threat Id:
Threat Severity:
Threat Category:
Path Found:
iemain:HKCU@S-1-5-21-4018711648-284700086-2646643178-1010\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page
Threat Classification: Unknown
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Of course, I just allowed the change so I could contiunue my test. Doesn't
this seem to be a bug in the way Defender interprets IE settings changes???
BTW- the vulnerability test at Secunia showed that the vulnerability works
if you have Navigate subframes across domains set to enable; it does not work
it that is set to disable.
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/?s
see if my PC was vulnerable with active scripting enabled. It did not appear
to be vulnerable. I changed my settings for navigating subframes across
domains from disable to enable and Windows Defender gave me an alert about
changing my homepage!!! This alert does not seem pertinet to what I was doing:
Event Type: Warning
Event Source: WinDefend
Event Category: None
Event ID: 3004
Date: 4/6/2006
Time: 12:03:23 PM
User: N/A
Computer: JUDITH
Description:
Windows Defender Real-Time Protection agent has detected potential malware.
For more information please see the following:
http://www.microsoft.com
Scan ID: {21F710B8-013D-4ED4-B33E-5741845D8203}
User: JUDITH\Paul
Threat Name: Unknown
Threat Id:
Threat Severity:
Threat Category:
Path Found:
iemain:HKCU@S-1-5-21-4018711648-284700086-2646643178-1010\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page
Threat Classification: Unknown
Detection Type:
For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
Of course, I just allowed the change so I could contiunue my test. Doesn't
this seem to be a bug in the way Defender interprets IE settings changes???
BTW- the vulnerability test at Secunia showed that the vulnerability works
if you have Navigate subframes across domains set to enable; it does not work
it that is set to disable.
http://secunia.com/Internet_Explorer_Address_Bar_Spoofing_Vulnerability_Test/?s