Attached Link: http://story.news.yahoo.com/news?tmpl=story&cid=75&e=12&u=/nf/20050110/tc_nf/29577

People still using IE should update immediately, and maybe consider switching to a different browser. Try Firefox or Netscape or Opera.

bonni

I use firefox now. Had tooo many problems from Trojans, viruses and what have you with Exploer. My server still uses it with so-called pop-up stoppers. What a laugh. Went online to check my email there and a porn site popped up. I hate that! sometimes my 7 year old granddaughter pops into my room while I'm online. Nothing like that with firefox, thank goodness.

Thanks for the link, Bonni. I sent it to my son who is a die-hard IE user. Can't seem to get him to switch to FF. :(

turn off activex, turn off javascript. do not run any scripts you have not checked line by line first. even with mozilla/firefox/netscape since they are all the same browser.

Quote - (1) HIGH: Mozilla NNTP Protocol Processing Overflow Affected: Mozilla version 1.7.3 and prior Description: Mozilla browser supports NNTP (news) protocol and interprets "news://" URLs. The browser contains a heap-based buffer overflow that can be triggered by an overlong news URL ending in a "" (backslash) character. A malicious webpage or an HTML email may possibly exploit the flaw to execute arbitrary code on the system running the browser. Mozilla developers initially reported that the flaw cannot be exploited to execute arbitrary code. However, the discoverer has posted a proof-of-concept exploit that overwrites heap memory with the user-supplied data. Status: Mozilla confirmed, upgrade to version 1.7.5. The discussion on MozillaZine indicates that Firefox prior to version 1.0 may also be affected. Hence, upgrade Firefox to version 1.0. Council Site Actions: The affected software is not in production or widespread use, or is not officially supported at any of the council sites. They reported that no action was necessary. Several of the sites commented that they block NNTP at their network security perimeter. References: Posting by Maurycy Prodeus http://www.isec.pl/vulnerabilities/isec-0020-mozilla.txt Mozilla Bugzilla Entry https://bugzilla.mozilla.org/show_bug.cgi?id=264388 Discussion on MozillaZine News http://www.mozillazine.org/talkback.html?article=5844 SecurityFocus BID http://www.securityfocus.com/bid/12131

Hence, upgrade Firefox to version 1.0. Well, that's what I use. Also, how do you turn off Active X in Firefox? I can't find any options, nor even any references in the Help file. bonni

turn it off in windows itself. firefox, and all non ms browsers don't use activex. it's to much of a security risk

It's baffled me for a while why there's no IE7. Perhaps MS were just happy to have offed Netscape and had nothing left to prove (other than that they could write the most hacker-friendly system attack launch vector in computing history, ably support by Outlook Express just in case email systems might have felt safe). Still, if Firefox were the biggest browser around I dare say it would attract more scrutiny. ActiveX: Just say 'For the love of God, NO!'

Netscape Corporation, owned by AOL, owns the gecko rendering engine used in netscape, mozilla and firefox. read the license for mozilla and firefox, it states the Netscape public license in it. Mozilla Netscape Public Licenses

Sorry I should've said Netscape /Navigator/ ...I realize that Netscape as a corporate entity survived. Sort of.

Jaqui...if one is using FF exclusively, why would it be neccessary to turn off "activeX in windows"?

because, even though the browser doesn't run it, a malicious script can run an activex control in the background ( no windows open, nothing visible at all ) that can be used to do just about anything to your computer that you can do.

All - thanks for the heads up .... for what it's worth? ....

SEATTLE, Washington (Reuters) -- Microsoft Corp. warned Windows users Tuesday of two new "critical" level security flaws in its software that could allow attackers to take control of a computer and delete or copy information.

The world's largest software maker issued patches to fix the problems as part of its monthly security bulletin, which affects the Windows operating system and the Internet Explorer Web browser.

Computer security experts urged users to download and install the patches, available at www.microsoft.com/security.

"It's very critical that users patch machines for these vulnerabilities," said Jimmy Kuo, a researcher at McAfee Inc.'s virus detection center.

A hacker could exploit one of the security flaws if a user directed the Web browser to a specially designed Web page, Redmond, Washington-based Microsoft said.

Microsoft also issued one other security warning, rated at

the second-highest level of "important."

Microsoft has been working for the last three years to improve the security and reliability of its software under its Trustworthy Computing initiative, as more and more malicious software targets weaknesses in Windows and other Microsoft software.

Also Tuesday, Microsoft began offering downloads of a software tool to remove viruses and other malicious software from computers.

Ok..Jaqui, just how would this malicious script enter my computer that way?

I can't find out anything about disabling Active X within Windows, itself. I found tons of information on turning it off in IE (which I don't use at all), but nothing about disabling it system wide. bonni

I don't see anything connecting Active X and Windows itself either, Bonni.

windows scripting host. disable that and you disable activex scripts. Bonni: < ----- script ... some script to run activex in background here ----- > < /head > < body > when you visit the site with a script embedded in the head like that, you don't see it, yet it can download ( through javascript ) a file, then set it into the startup for all users, specially if you, like most people, are always running on an Administrator account.

Thanks for the heads up! I just downloaded Firefox.

Attached Link: http://www.sophos.com/support/wsh.html

bonni

Message edited on: 01/13/2005 00:58

wsh is absolutely resquired for the advanced featured in windows help and search functions.

disabling this will revert these to windows 9x functionality.
it will improve security for your computer.

I followed the advice of the article I linked to and so far I haven't seen any change. I did try an advanced search and Help seems to work, as well. Just FYI. bonni

Thanks for the great info Jaqui and Bonni. :) Jaqui..could you possibly explain what Sophos means by the next text I have copied here? It's all greek to me, but sounds interesting nontheless. (like what is a PDA) ----------------------------------- "The threat of viruses infecting PDAs and mobile phones has been widely hyped by some anti-virus companies. The fact is that there have never been any reports of viruses successfully infecting these kind of devices outside of laboratory conditions. However, it is possible for PDAs to carry a virus into a company (thus avoiding any email gateway protection), and for the suspect file to be copied onto your desktop from the PDA." ------------------------------------

a palm pilot = pda most cell phones are susceptable to javascripted viruses, even though several manufacturers are useing linux to run the phone. ( Motorola for example ) but to be infected the cell has to be using bluetooth technology. ( a wireless interconnectivity system )

Thank you for explaining, Jaqui. :)

Good thing I never use IE

Me too, bone..me too! smile

05.2.1 CVE: CAN-2004-1043 Platform: Windows Title: Windows HTML Help Code Execution Description: A cross-domain vulnerability exists in Windows HTML Help ActiveX control that could allow information disclosure or remote code execution on an affected system. An attacker could exploit this vulnerability by constructing a malicious web page that could allow remote code execution if an unsuspecting user visits that page. All windows systems are affected. Ref: http://www.microsoft.com/technet/security/Bulletin/MS05-001.mspx ______________________________________________________________________ 05.2.2 CVE: CAN-2004-1049 Platform: Windows Title: Windows User32.DLL Buffer Overflow Description: Windows ANI (Animated Cursor Files) handler component in user32.dll is affected by a stack based buffer overflow issue. The issue exists because the user-specified length of an ANI file header is directly used in the "memcpy()" operation without boundary checks. All versions of Microsoft Windows are vulnerable to this issue. Ref: http://www.microsoft.com/technet/security/bulletin/MS05-002.mspx ______________________________________________________________________ 05.2.3 CVE: CAN-2004-0897 Platform: Windows Title: Windows Indexing Service Buffer Overflow Description: Microsoft Indexing Service is used to manage, query, and index information in file systems or Web servers. Microsoft Indexing Service is affected by a buffer overflow vulnerability. Microsoft has released a security advisory to solve this issue. Ref: http://www.microsoft.com/technet/security/Bulletin/MS05-003.mspx ______________________________________________________________________

As some of you may know I have always been a die hard Internet Explorer / MicroSoft / Intel supporter. Well dang it! I downloaded FireFox this morning. Wow - Nice browser. I love the Tabed browsing. Ok - So now I am a Firefox supporter. I really like this browser and will be loading it up on all my systems. I also like that they didnt ask for any information when downloading FireFox. I figured I would have had to supply my name and E-Mail address prior to downloading...but I didnt. Click the DL button and I got what I was after. Just thought I would share. :) Clint

welcome to the new world Clint... checkout some of the Extentions you can add.. you can really tailor FF to your needs..

Hi Khai, Yea - I DL'ed the bandwidth meter and FLASH plug-in. (grin) I may DL some of the "Themes"... Any cool Themes you can recommend?? Clint

not looked into those so much.. I'm running a wood theme that fits in with my desktop grin I recommend Adblock tho.. a very very useful addon that.. and I run Chatzilla for my IRC needs...

Thanks Khai. Have a nice weekend!! Clint

I'm using the "Nautipolis" theme by Alfred Kayser, Clint. Love it! :)

~shudder~ irc yuck!!!

I downloaded FireFox this morning. Wow - Nice browser. I love the Tabed browsing. Ok - So now I am a Firefox supporter. Woohoo! :-) I keep telling people if they'll just try it they will almost certainly find that they like it. ;-) bonni

Just wondering....how fast is internet with firefox for you? I tried it, but it was so slow. It took a page several minutes (up to 6 min) to load (i use explorer at the moment and it takes a page seconds to load) and i use broadband. I guess i'm wondering if i did something wrong when i installed it because it was just so so slow, that i ended up uninstalling it.... At the moment i'm using explorer, but i would like to use a safer alternative.

Firefox is very quick for me. Most people remark on how fast it is, actually... bonni

Okay... stupid question from me. If you disable windows scripting host in WinXP, is that going to cause problems for any programs that use Java? Cause I have programs I use that I cannot live without.

Attached Link: http://forums.mozillazine.org/

winders scripting is vbscript, and activex java needsa a java virtual machine, only available from sun. javascript needs a javascript enabled application

Thanks. It was the word script that confused me, lol.

java is a scripted language. the javavm is an engine to interpret the language and run the application. some programmers use compilers that will compile java into bytecode, removing the reliance on an interpreter / vm, and speeding it up. but most don't

One thing that totally confuses me: We've heard stories of Windows or Internet Explorer vulnerability for years if not decades. They keep "fixing" it, yet we keep hearing of vulnerabilities. Why can't they REALLY fix it once and for all?

Because their lazy and inept! :)

~l~ actually it's because microsoft has a coding policy: keep all existing code intact, and never meet coding standards. this creates bugs they don't fix. ( win 9x / me still had win 3.x file manager ) the code is proprietary so only an extremely limited number of people can access it to fix it. also, remember that windows is designed for the sole purpose of playing video games ( bill gates in press conference ) security is not something they actually care about.

TdaC: Try running Adaware and Spybot Search and Destroy..then reinstall Firefox..see if that helps any?

Thanks for the tip, it worked for a little while. Yesterday i visited rdna and their front page took 3,5 minuts to load and a few hours later the computer froze twice. I uninstalled firefox and everything went back to normal. Maybe my computer is too old for that browser, it's from 2000 and not very big. An interesting thing is firfox is safer than explorer but when i use explorer, spyboot never finds anything. The little time i used firefox, spyboot found several ojbects.

The problem with IE isn't that it attracts spyware or whatever. It's that there are numerous holes in it that directly tie to the operating system. Visit a page that uses the right (or wrong) code, and, bam, your system is compromised. The browser actually allows malicious code to be executed on your system. bonni

Yup, IE lets stuff download behind the curtains..things you never even know about..at least with Firefox you can see it, and have the option of allowing it or not. I dont think its your machine either..my girls both have older machines, and are running Win 98 SE..Not many machines have I seen that wouldnt run Firefox.....gotta be sompin' else..puts on thinking cap

I recently visited a site link from a message here in Renderosity, using Firefox. I was amazed to see the site had loaded a "pop-under" screen. The site belonged to someone who apparently was popular here, so I didn't say anything. Now I don't remember whose site it was. But Firefox is not immune to such annoyances.

damn... they be finding away to do it on all browsers now...

Not too long ago, there was a flaw that was discovered in Windows server and also in IE. Certain very well-trusted sites with big names were compromised through the flaw in Windows (because the server was running it), and when people visited the site with IE, a file was downloaded and run. When it was successful, the thing compromised your system quite badly (can't remember just offhand what it did). So in that case, even visiting well-known and trusted sites was dangerous... bonni