> -----Original Message----- > From: Georgi Guninski [mailto:guninskiat_private] > Sent: Friday, April 20, 2001 14:40 > Subject: XML scripting in IE, Outlook Express [...] > Background: > We have some disagreement with Microsoft whether this works on fully > patched IE 5.x. > I believe I am running fully patched IE according to the rules for > patching in > Microsoft's security bulletins. > The problem seems to be the version of WSH which is described in > MS-01-015 at: > http://www.microsoft.com/technet/security/bulletin/ms01-015.asp > To check whether you are vulnerable check DEMONSTRATION. Not vulnerable.: Windows 2000 Professional SP1 (5.00.2195) Internet Explorer 5.5 SP1 (5.50.4134.0600) + Q290108, Q279328 Windows Scripting Host 5.1 Outlook 2000 + Outlook Security Fix MS XML Parser 3.0 OTOH, another computer IS vulnerable: Windows 2000 Professional Internet Explorer 5.01 Windows Scripting Host 5.1 Outlook 2000 MS XML Parser 3.0 > Workaround: I do not know of workaround but Microsoft claims updating > WSH solves the issue. This does not seem to be the case. Also noticed during testing that after unsuccessfully visiting the demonstration page, IE/OL on occasion jams for a few seconds.
This archive was generated by hypermail 2b30 : Sun Apr 22 2001 - 23:30:38 PDT