DSO Exploit ----and Add/Remove Programs

[John Lennard]

THere is a DSO Exploit on my computer running Win XP Pro
with Spybot: Search and Destroy.... Please advise how to
remove...In addition, my mistake of my own, i deleted a
program in the Recycle Bin, instead of uninstalling how
can i remove this annoying title in the Add/Remove
Programs, to remove the name....Please advise..Contact

aaron200(remove this)@sbcglobal.net

 

[Carey Frisch [MVP]]

Basically what's happening is that Spybot is finding that the security setting
for "Download Unsigned ActiveX controls" for the (normally) hidden
"My Computer" zone in Internet Explorer is not set to disabled.

Visit http://forums.net-integration.net/index.php?showtopic=15308
for additional info.

Make sure you visit the Windows Update website and download any
recommended Critical Updates.

Removing Invalid Entries in the Add/Remove Programs Tool
http://support.microsoft.com/default.aspx?scid=kb;en-us;310750&Product=winxp

Visit http://www.kellys-korner-xp.com/xp_a.htm and scroll down to the
topic titled:
"Add and Remove -Removing Invalid Entries in the Add/Remove Programs Tool"

[Courtesy of MS-MVP Kelly Theriot]

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

Be Smart! Protect your PC!
http://www.microsoft.com/security/protect/

--------------------------------------------------------------------------------------------


| THere is a DSO Exploit on my computer running Win XP Pro
| with Spybot: Search and Destroy.... Please advise how to
| remove...In addition, my mistake of my own, i deleted a
| program in the Recycle Bin, instead of uninstalling how
| can i remove this annoying title in the Add/Remove
| Programs, to remove the name....Please advise..Contact
|
| aaron200(remove this)@sbcglobal.net

 

[Bruce Chambers]

Greetings --

The DSO exploit was patched long ago by IE Cumulative Update
MS02-015, in March of 2002. If you've installed this specific patch,
or any subsequent IE Cumulative Updates, or Service Pack 1, you're
safe. It would appear that the latest version of Spybot S&D is only
checking for Internet zone settings in the registry that could be used
as work-around protection, and not for the presence of any corrective
patches. Hopefully, the makers of Spybot will soon fix this bug.

MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182

If you like, you can test your system for this particular
vulnerability at this web site:
http://www.greymagic.com/security/advisories/gm001-ie/

The makers of SpyBot S&D have acknowledged the problem and will
fix it on their next update:
http://www.safer-networking.org/index.php?page=paragraphs&detail=currentfaqs


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH