dso exploit

  • Thread starter Thread starter david
  • Start date Start date
D

david

When i run spybot s&d on the administrator logon screen
it shows the exploits have been given the ms fixes, but
when i run it on he users screen (logon) it dont show but
three of them and fails to show the ms fixes. I am pretty
sure it has to do with how i have the browser set but i
cant find it myself. it also shows spyware on the user
logon after running on the admin logon. can any lead me
to the ans to this problem? thanks
 
david said in news:[email protected]:
When i run spybot s&d on the administrator logon screen
it shows the exploits have been given the ms fixes, but
when i run it on he users screen (logon) it dont show but
three of them and fails to show the ms fixes. I am pretty
sure it has to do with how i have the browser set but i
cant find it myself. it also shows spyware on the user
logon after running on the admin logon. can any lead me
to the ans to this problem? thanks
Click to expand...

http://snipurl.com/7a8s

Since the registry change is under the HKEY_CURRENT_USER hive, it
applies only to the currently logged on user. You will have to make the
same change for each user (by finding the matching registry key under
HKEY_USERS or logging onto each user account and making the registry
change).
 
Greetings --

The DSO exploit was patched long ago by IE Cumulative Update
MS02-015, in March of 2002. If you've installed this specific patch,
or any subsequent IE Cumulative Updates, or Service Pack 1, you're
safe. It would appear that the latest version of Spybot S&D is only
checking for Internet zone settings in the registry that could be used
as work-around protection, and not for the presence of any corrective
patches. Hopefully, the makers of Spybot will soon fix this bug.

MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182

If you like, you can test your system for this particular
vulnerability at this web site:
http://www.greymagic.com/security/advisories/gm001-ie/

The makers of SpyBot S&D have acknowledged the problem and will
fix it on their next update:
http://www.safer-networking.org/index.php?page=paragraphs&detail=currentfaqs


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 
Back
Top