Re: XML scripting in IE, Outlook Express

From: Rick Updegrove (dislistsat_private)
Date: Thu Apr 26 2001 - 20:01:14 PDT

Next message: dark spyrit: "Microsoft ISA Server Vulnerability"

Previous message: Matt Chapman: "Re: x86 vulnerability"
In reply to: Ken Pfeil: "Re: XML scripting in IE, Outlook Express"
Next in thread: Rick Updegrove: "Re: XML scripting in IE, Outlook Express"
Next in thread: David LeBlanc: "Re: XML scripting in IE, Outlook Express"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ken Pfeil writes:

> Updating WSH DOES resolve this issue.
> Patching/upgrading the browser had no effect.

I apologize in advance for my ignorance, but what is WSH?

NOTE*  I modified the original .xml and .xls files used in the original post
and sent them to my brother, and my best friend who are both NT admins with
large userbases, all using outlook express or outlook.  I warned them ahead
of time and explained they should first disable scripting and set their
security levels to high, and I forwarded the original post.  They both
assured me that was not going to be an issue.  They were flabbergasted when
they realized that they were both vulnerable.  I have only had one person
claim he was not (and I really don't believe him because he tends to be
extremely paranoid and would not admit to anything anyway)

By the way I did fire up OE myself and I was also vulnerable.

(Windows2000PRO 5.00.2195 SP1 / IE 5.5.4133.2400)

Rick Up

Next message: dark spyrit: "Microsoft ISA Server Vulnerability"
Previous message: Matt Chapman: "Re: x86 vulnerability"
In reply to: Ken Pfeil: "Re: XML scripting in IE, Outlook Express"
Next in thread: Rick Updegrove: "Re: XML scripting in IE, Outlook Express"
Next in thread: David LeBlanc: "Re: XML scripting in IE, Outlook Express"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 27 2001 - 01:28:05 PDT