-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I thought just turning of active scripting fixes the hole? Leon (Maybe the solution is worse then the problem?) - -----Original Message----- From: Suresh P [mailto:suryaat_private] Sent: Wednesday, March 13, 2002 12:53 AM To: Magnus Bodin; vuln-devat_private; bugtraqat_private; focus-msat_private Cc: ms-secnewsat_private; SECURITY-BASICSat_private Subject: Disabling the MSIE hole. Hi All, You can disable the Latest MSIE hole on all windows machines by enabling the security settings for the LocalZone. unfortunately, there is no UI for doing this. All you have to do is, launch regedit, traverse to the following key and change the value to 3. HKEY_CURRENT_USER \Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0 and change the value of "1004" from "0" to "3". This is applicable for Windows 95/98/NT/2000 regards, Suresh Ponnusami, Internet Security Consultant, nSecure Software (P) Ltd, http://www.nsecure.net/ Ph: 91 80 535 1545 Fax: 91 80 535 1551 - ---------------------------------------------------------------------- - ------ - - This message is intended for the addressee only. It may contain privileged or confidential information. If you have received this message in error, please notify the sender and destroy the message immediately. Unauthorised use or reproduction of this message is strictly prohibited. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBPI+CY9qAgf0xoaEuEQLrqACg15vhInjFUGUkDrvuYbJWif3ccQMAoJEW YMOVvncbBo3xNAPjRazCGhTt =0+Sp -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Wed Mar 13 2002 - 12:20:13 PST