DSO Exploit reappears

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

SpyBot keeps finding the same 5 entries of DSO Exploit, even after
"destroying" and immunizing against them.
Comments from anyone?
2 answers Last reply
More about exploit reappears
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Ignore them.

    Configure SpyBot S & D Not to Flag DSO Exploit
    http://forum.aumha.org/viewtopic.php?t=8435

    Courtesy of Randy Knobloch aka siljaline
    MS - MVP Windows (IE/OE) 2003/04 AH-VSOP

    Why does DSO Exploit return?
    [[DSO-Exploit is a security gap in Internet Explorer, Outlook and Outlook
    Express. Microsoft did already close this gap with security updates, so with
    current Windows updates and patches installed, it will no longer be a threat
    to your system.
    Spybot-S&D will still detect the DSO-Exploit, but instead of fixing it for
    good, it will unfortunately again set an invalid value. Therefore it will
    again be found with every scan.
    This little bug in Spybot-S&D has already been repaired and the respective
    fix will soon be available as a program update.]]
    http://www.safer-networking.org/en/faq/36.html

    --
    Hope this helps. Let us know.
    Wes

    In news:26DC8009-1E4C-44E3-AB53-FC01EF4C3512@microsoft.com,
    nailer <nailer@discussions.microsoft.com> hunted and pecked:
    > SpyBot keeps finding the same 5 entries of DSO Exploit, even after
    > "destroying" and immunizing against them.
    > Comments from anyone?
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    nailer wrote:
    > SpyBot keeps finding the same 5 entries of DSO Exploit, even after
    > "destroying" and immunizing against them.
    > Comments from anyone?


    The DSO exploit was patched long ago by IE Cumulative Update
    MS02-015, in March of 2002. If you've installed this specific patch,
    or any subsequent IE Cumulative Updates, IE Service Pack 1, or WinXP
    SP2, you're safe. It would appear that the latest version of SpyBot
    S&D is only checking for Internet zone settings in the registry that
    could be used as work-around protection, and not for the presence of
    any corrective patches. Hopefully, the makers of SpyBot will soon fix
    this bug.

    MS02-015 March 28, 2002 Cumulative Patch for Internet Explorer
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;319182

    If you like, you can test your system for this particular
    vulnerability at this web site:
    http://www.grey.com/security/advisories/gm001-ie/

    The makers of SpyBot S&D have acknowledged the problem and will
    fix it on their next update:
    http://www.safer-networking.org/index.php?page=paragraphs&detail=currentfaqs

    In the meantime, in SpyBot S&D, click Mode > Advanced > Settings >
    Ignore Products > Security > DSO Exploit, to turn off the false alarm.

    Some people have reported that the SpyBot Detection rules dated 30
    Aug 04, or newer, when used with SpyBot S&D 1.3.1TX, will fix this
    problem. However, I've had inconsistent results with that particular
    detection update; sometimes it reads clean, then later it will once
    again find the DSO problem, and then it will read clean again, all on
    the same machine, with no other changes made.


    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    You can have peace. Or you can have freedom. Don't ever count on having
    both at once. - RAH
Ask a new question

Read More

Security Spybot Exploit Microsoft Windows XP