RE: Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing

From: j jf (jjfjjf69at_private)
Date: Sat Oct 13 2001 - 01:03:41 PDT

Next message: Francisco J. León: "Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)"

Previous message: Damir Rajnovic: "Re: Cisco Systems - Vulnerability in CDP"
Maybe in reply to: kikkert security: "Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I found a way to overcome this hole for now:

Mark OFF all 3 options at the IE Local IntRAnet Security Zone
(Include all local intRAnet, sites, network path UNC).

Now press the advanced key and define your company DNS network zones,
You can use wild cards: *.mycompany.com

I haven’t tested it thoroughly, yet it seems to work and 
http://user%40NONdottedIP
Is accounted as internet rather than Local IntRAnet.

Regards,


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

Next message: Francisco J. León: "Bug in PostNuke 0.62, 0.63 and 0.64 (and possibly PHPnuke)"
Previous message: Damir Rajnovic: "Re: Cisco Systems - Vulnerability in CDP"
Maybe in reply to: kikkert security: "Serious security Flaw in Microsoft Internet Explorer - Zone Spoofing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sun Oct 14 2001 - 10:23:20 PDT