DSO EXPLOIT

[Jamess B. Holladay]

What is DSO Exploit?
SpyBot finds it as a problem. As soon as you delete the computer starts to
have problems coming out of standby.
Has any one else experienced this problem?

 

[Carey Frisch [MVP]]

Basically what's happening is Spybot is finding that the security setting
for "Download Unsigned ActiveX controls" for the (normally) hidden
"My Computer" zone in Internet Explorer is not set to disabled.
However, the fact that Spybot isn't properly fixing this is just a simple Sypbot
bug that hopefully will be fixed soon by Spybot.

Visit http://forums.net-integration.net/index.php?showtopic=15308
for additional info.

Make sure you visit the Windows Update website and download any
recommended Critical Updates.

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User

-----------------------------------------------------------------------------

:

| What is DSO Exploit?
| SpyBot finds it as a problem. As soon as you delete the computer starts to
| have problems coming out of standby.
| Has any one else experienced this problem?

 

[Guest]

What is DSO Exploit?
SpyBot finds it as a problem. As soon as you delete the computer starts to
have problems coming out of standby.
Has any one else experienced this problem?

DSO exploit is a very old exploit that has been patched by a microsoft
hotfix along time ago.If you are current with windows update you have no need
to worry about it.This report will be fixed in a later update of Spybot
S&D.You can add the DSO exploit to the ignore list in Spybot.
Or if you would like to double check weather this exploit still exists on
your system the link below will take you to a download of a DSO checker and
blocker.

http://nsclean.com/dsostop.html

 

[Guest]

This is a bug in Spybot. You need to set Spybot to Ignore this. Go to
Advanced mode, Settings, Ignore Cookies, Security tab, put a check by DSO
exploits.

 

[Eric McG]

This issue was covered in an article in the latest Langalist newsletter. It
seems that Spybot S&D has bug relating to a false positive reporting of a DSO
Exploit. It goes on to say that this was a security hole in IE that has
long-since been patched.

If your copy of IE is up-to-date with all critical patches, here's the
workaround:

1 Open Spybot and select 'advanced' mode.

2 Select 'settings' in the left column.

3 Select 'ignore product' in the left column.

4 Select 'security' tab.

5 Place check mark in box beside DSO Exploit.

6 Close program

7 Open Spybot and run a scan.

 

[Alias]

I get SearchForIt that keeps coming back. Same problem?

Alias

 

[Guest]

I've notices searchforit as well.
Today I found out that Spybot is finding a registry edit that Spywareblaster
has placed on the system,If you are also using Spywareblaster look to see if
one item is disabled ater S/B removes searchforit.If so place searchforit in
Spybot's ignore list.

 

[Alias]

You hit it on the head.

Where do I find SearchForIt on Spybot?

Thanks,

Alias

 

[Guest]

Where do I find SearchForIt on Spybot?

What I did was renable all items in Spywareblaster then I ran Spybot again
when searchforit was detected just highlight it and right click, select
exclude this item from future searches.

 

[Bruce Chambers]

What is DSO Exploit?
SpyBot finds it as a problem. As soon as you delete the computer
starts to have problems coming out of standby.
Has any one else experienced this problem?

The DSO exploit was patched long ago by IE Cumulative Update
MS02-015, in March of 2002. If you've installed this specific patch,
or any subsequent IE Cumulative Updates, or IE Service Pack 1, you're
safe. It would appear that the latest version of Spybot S&D is only
checking for Internet zone settings in the registry that could be used
as work-around protection, and not for the presence of any corrective
patches. Hopefully, the makers of Spybot will soon fix this bug.

MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182

If you like, you can test your system for this particular
vulnerability at this web site:
http://www.grey.com/security/advisories/gm001-ie/

The makers of SpyBot S&D have acknowledged the problem and will
fix it on their next update:
http://www.safer-networking.org/index.php?page=paragraphs&detail=currentfaqs

In the meantime, in SpyBot S&D, click Mode > Advanced > Settings >
Ignore Products > Security > DSO Exploit, to turn off the false alarm.

Some people have reported that the Spybot Detection rules dated 30
Aug 04, when used with SpyBot S&D 1.3, will fix this problem.
However, I've had inconsistent results with that particular detection
update; sometimes it reads clean, then later it will once again find
the DSO problem, and then it will read clean again, all on the same
machine, with no other changes made.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

 

[Alias]

Thanks, that worked.

Alias

Where do I find SearchForIt on Spybot?

What I did was renable all items in Spywareblaster then I ran Spybot again
when searchforit was detected just highlight it and right click, select
exclude this item from future searches.